At its core, the value proposition of Open Banking is making financial services more accessible, competitive, and to improve a customer’s experience with the financial system. The key to unlocking that value is data access – and trust in those given access. That trust will be built on transparency and data protection.
The European adoption of Open Banking has been built on strong rules and regulations which are not present in the US, so the US will likely follow a different adoption path. Still, looking at the European growth and best practices can provide some good guardrails for the US growth.
Four years after its introduction, Open Banking has reached the following milestones in Europe:
- Strong cumulative growth – 4.5 million regular users, of which 3.9 million are consumers and 600,000 small businesses.
- Faster adoption in the last 12 months – 60% increase in new customers (up from 2.8 million in December 2020); 1 million new regular users are added every 6 months.
- Surge in Open Banking payments – At the end of 2021, cumulatively over 26.6 million payments had been made, an increase of more than 500% in 12 months.
With payments innovation decreasing consumer reliance on in-bank visits, and the COVID-19 pandemic making remote banking a necessity, we have seen two approaches to digital banking. One approach has been to mimic the in-person experience, and the other is to reimagine the experience around the digital-first customer. Virtual banks have taken the second approach and gained a competitive time-to-market advantage with regard to addressing consumers’ overall financial needs and desires, rather than just offering digital banking services. One of those desires will be making payment choices based on the needs and optimal return in different situations.
A card will not always be the best choice, especially if there is a tangible incentive, which may be rewards, a discount, or the elimination of an add-on fee or surcharge. One powerful option is the Open-Banking-based consumer-to-merchant direct push of funds, also known as Open Banking Payments. While there are technical elements required, its success will largely be based on consumer awareness and buy-in. Below are a few aspects the payments and banking industry will have to address before it initiates a widespread awareness campaign for Open Banking Payments in the US.
More than anything, simplicity is key to achieving mass adoption. As a general rule, people are interested in using applications only if the customer journey is aligned with their expectations and isn’t disruptive in comparison with utilizing similar processes. If banks and payment organizations champion intuitive design, consumers are more likely to view Open Banking as an alternative payment method, rather than an entirely new offering they have to master.
When introducing new banking products or services, consumers don’t want to feel burdened in their daily lives but rather reap the benefits with minimal interaction and disruptions. The novelty of Open Banking shouldn’t be in the process but rather in the third-party benefits. In fact, there should be no novelty in the consumer mind about Open Banking Payments. It should simply be another easy-to-use choice for making a payment. The key to success will be the consumer experience being much closer to that of Apple or Android Pay than to online/mobile banking.
SECURITY AND DATA PROTECTION
Due to the lack of legislative pressure in the US, the development and adoption of Open Banking Payments will be reliant on its expected commercial benefit, rather than nationwide coordination with a regulatory compliance initiative. While US Open Banking will likely proceed based on guidelines rather than mandates, it is possible that interoperability and collaboration between banks may progress faster than what has occurred in Europe: in Europe, the “open” aspect of banking was mandated, but the uniformity of the data itself was not. In the US, however, the mandates may not be in place, but there are concerted efforts, such as the Financial Data Exchange, to standardize the data, which should accelerate the implementation of meaningful use cases.
Where we may see legislation and mandates is related to data security. Europe’s PSD2 is known for its mandating the opening of banking data via APIs. More importantly, and working in conjunction with the General Data Protection Regulation (GDPR), it also provides a set of “digital rights” to EU residents revolving around consent to use data and clear communication on how data will be used. A similar set of regulations for data security, usage, and transparency would go a long way to building a foundation of trust in US consumers who may have been negatively influenced by the lack of data transparency and protection they have experienced with today’s ad-funded platforms. Europe’s universal assurance that the consumer has absolute control over how and where their data is used and shared provides an excellent case study into safeguards to foster the adoption of Open Banking.
Traditional approaches to data security have been driven by the need to reduce risk and fraud by tightly controlling access to financial data. With Open Banking, the traditional goals of risk management and fraud prevention remain paramount but are augmented with additional goals, such as open data sharing, ease of data consumption, and customer control of their financial data. Open Banking empowers customers to choose who their data is shared with and how much of their data is shared. Banks must facilitate this targeted data sharing while continuing to provide the same high degree of security as today.
As Open Banking use cases evolve and new service models become available to customers, banks must balance data privacy and protection with customer control and transparency. The team at Levvel, who joined the Endava family in 2021, outlines the limitation succinctly in its report on Open Banking architecture: “Open Banking increases the need for banks to guard against external and internal threats. As the number of interfaces through which data can be accessed grows, the type and intensity of external threats will also grow. Existing threat protection techniques that are currently being employed by banks must be extended and enhanced to cover APIs.”
RETURNS, ISSUES, AND FRAUD
A key point to securing the adoption of Open Banking Payments in the US is to establish clear and uniform support for returns and fraud. While there should not be an attempt to mimic the zero-liability policy of cards, the consumer needs to have a clear and consistent, positive experience with how returns, disputes, and exceptions are handled.
The sticking points will be where liability exists when there is fraud and where liability lies with the consumers themselves. The US consumer today has been conditioned to believe that they have no liability, regardless of the actions that led to a scam, theft, or fraud. The merchant processor, bank, or payment organization is almost always the end point for restitution. The widespread adoption of Open Banking Payments will require a commonsense approach for assigning liability for theft or fraud across the landscape of merchants, payment facilitators, and consumers. An awareness campaign, similar to today’s Phishing and P2P fraud ones, is also needed to educate the consumer about the potential risks of scanning QR codes and pushing payments.
In the absence of regulation, liability rules will likely be a work in process. During this time, the most likely start for Open Banking Payments in the US will be with commerce-related services and digital goods, rather than the delivery of physical goods.
Open Banking and its payments capability levels the playing field between banks, virtual banks, payment processors, and fintechs. There are always winners and losers with any innovation, but in the case of Open Banking and its impact on payments, it will not be a zero-sum game: there is room for success for everyone, with the consumer being the big winner.