Open Banking Data

Open banking revolves around the idea of having open access to data. Without the free-flowing interlinked data stream, the whole concept of open banking would just fail. But what is open banking data, what makes up this data and what benefits does it bring to both the banks and the customers? There are a lot of questions and unknowns. There is a lot to know about what is open banking data, and the interesting nuances that surround it!

Open Banking Data Sharing

Open bank data is commonly used as a synonym to the general term open banking. It’s a concept and a practice that allows 3rd party providers of financial services to access account and relevant financial information from consumers that give permission (consent). The data is accessed and shared via designated tools called APIs or Application Programming Interfaces.

By allowing the share of data cross-institutionally, open banking enables users to gain unparalleled access to better financial services as well as streamlining many different processes that would, otherwise, take much more time and require much more effort to manage.

Open banking data sharing is monitored and supervised according to existing and enforced government regulations. The best examples of these are the PSD2 and GDPR requirements outlined by the European Union. Another good example is the UK’s Open Banking act. But, as these regulations change region to region, different types and sorts of data are being shared as a result of open banking services.

Usually there are layers of security and verification in place, during the data exchange between the financial institution and the 3rd party provider, in order to ensure the transparency and accurateness of the exchange. Thanks to state-of-the art technology of APIs, data sharing and exchanges happen almost instantaneously, ensuring fluidity and efficiency. Before open banking services can be initiated, the consumer has to provide consent and only then their data will or can be shared.

Open Banking Accredited Data Recipient

Not everyone can easily access and get open banking data. In order to be able to access such information with the consent of the user, you have to be an accredited data recipient. There are requirements that an organization has to match before it is given access or even consideration for an accredited data recipient.

Accredited data recipients are approved by the corresponding authorities in their countries, regions, etc. For example, in Australia this has to be the ACCC or the Australian Competition and Consumer Commission. In other countries there are also usually designated institutions (mostly instituted by the government or independent but commissioned by the government) to give out, modify and revoke accreditation for data gathering.  

Only accreditation can ensure that open banking data privacy is guaranteed and is transferred between parties without violations according to the law. These regulations cover and disclose what kind of data can be gathered by 3rd parties and what kind of security measures they have to implement. There are usually standards, nation or region-wide, simplifying the overall process and making it more clear for the developers and service providers on the implementation of such solutions. Only open banking accredited data recipient can be trusted. You can check their licensing and accreditation status on the directories and websites of your corresponding authority’s website.

Data Gathered by Open Banking

The concrete data points that are gathered and collected by 3rd parties can vary, according to your local and/or regional regulations.

Usually, there are strict limits on what is open banking data and what can be gathered. Regulators limit the freedom of data gatherers to ensure that they can obtain only what is strictly necessary to provide designated financial services. Most common data points include:

·        Account holder data (Name, surname, etc.)

·        Personal code or company code for a company

·        Residential or location address

·        Merchant category codes or activity codes

·        Financial liability (active) information

·        Account information regarding deposits and/or securities

·        Transaction codes

There might be some other information, possessed by the financial institution that could be transferred (e.g. employment status and place of employment) but these do depend on the regulations.

Open Banking Dataset

An open banking dataset is a large collection of data, related to open banking. It is hugely valuable to 3rd party service providers and developers of open banking APIs. These datasets can contain a lot of very valuable and useful information that can aid in the creation, development, repair or even total restructure of any given open banking-related service.

These datasets are usually openly accessible repositories. For example, there is the European Open Data portal where you can find dozens of open banking-related datasets alone and over 500,000 individual datasets.

What can these datasets include? A lot of things, ranging from the list of banks, and locations of ATMs, all the way to economic data, specific models for financial technology with coefficient values and other important pieces of information that can be used for the development of open banking services and tools.

Open Banking Data Exchange

The data exchange during open banking services is very much subject to regulation. However, the PSD2 and the Open Banking Act in the UK have implemented a transparent and secure process for data exchange between the user, the bank and the 3rd party.

The exchange begins when the user initiates the process by requesting service from the third party provider. The provider, then, contacts the bank with the consent of request. The bank sends out a secure login prompt for the user where they have to login and approve using one of the approved identity verification methods.

Once the login and the identity are verified, the user and the bank both verify their consent. The bank sends out a special token to the third-party and creates an order for data request. The third-party responds to the user and the operation is finished.

The whole process usually takes less than a minute and is much more efficient for both payment initiation and verification purposes than manual bank wire transfers and preparing and printing out approved paper documents respectively.

During the second or third phase of the financial data exchange, open banking or your regular banking service providers will shortlist and summarize the data that they will be gathering. This will, of course be noted before you initiate your consent and before the final verification to ensure total transparency. So, this is all about open banking transaction data exchange that you should know as a beginner!

Open Banking Data Protection Challenges

Of course, when it comes to open transactions and the access given to personal data for 3rd parties, there is also the discussion of security and threats. With this regard, in order to keep open banking data secure and safe, developers and regulators are usually working together.

With close to 75% of all SMEs looking to adopt open banking by 2022 in the UK, it’s only natural to be concerned for how open banking data protection works and what is being done in order to keep data secure and prevent wrongdoers and cyber criminals from taking advantage of the open nature of this concept.

The three major concerns for customer and developers are: malicious software, data breaches and hacking. Open banking data standards from regulators try to address them in order to make external attacks as difficult as possible and create as many obstacles as possible.

The first challenge is the standardization and the regulation of open banking data and data exchange. This is more of a challenge to developers rather than users. The developers have to closely follow the rules and guidelines, set out by the regulators in order to be allowed the right to use open banking data. These APIs for open banking go through audit and independent or strictly regulated checks in order to be authorized. PSD2 and the GDPR legislation by the EU are considered the gold-standard for all financial transaction-related security.

Open banking transaction data

Many challenges are overcome by enabling open banking consumer data right as well. The client - the user is put in control of when and how they wish to hand over the data. The APIs and the TPPs must disclose what kind of data they are gathering in order to ensure full transparency.

Get started now!

No trial period. No credit card. Free forever.

Join our Newsletter

We frequently share industry news and Nordigen product updates to our closest friends, fintech innovators and industry experts. Sign up to our newsletter to hear more from us.

By providing your email, you accept
Nordigen's Privacy Policy.