API Strategy for Open Banking
tags :
Book #
Highlights #
From screen-scraping to open banking , enabled by PSD2 #
DOWNLOADED: screenshot @ 2023-06-21 20:42:26
OCR of Images #
2023-06-21_20-42-26_screenshot.png #
With the way things are today, it's not that it can't be done, but more that it's impractical. Of course, any financial services - banks included need to be well-secured, with information locked away in internal systems. This is why the existing (and highly limited) model of giving FinTech services direct access to your account (known as screen scraping) simply can't go on. The finance management service Mint performs screen scraping regularly gaining direct access to your bank accounts but it feels safe enough knowing their parent company, Intuit, already holds E millions of social security numbers. However, requiring user login information is a significant barrier-to-entry for smaller FinTech developers. These applications may only need a limited scope of data to operate, such as your spending dates or locations your credit card has been used at. APIS are an obvious solution to this, allowing third-party services to interact with banks, drawing only the necessary information, and performing only the necessary services. With standardized authentication and delegation protocols widely established for APIS, not only would it be more secure it would be more effective. Changes in regulation, like with PSD2 in the European Union, are already pushing for and preparing for this change. Ultimately, though, it's up to banks to open themselves up to the world in a way thatis usable.