Until very recently, closed banking ruled the financial world — financial institutions closely guarded their customers’ data and required individuals to compile information across accounts on their own. Then came screen-scraping, a common practice of aggregating data by accessing and storing users’ credentials. Now, open banking is revolutionizing the industry by creating a vast network of integration, and offering alternative options to access all financial information in a secure, convenient way.
Though screen scraping has been widespread and convenient, those days could be coming to an end. Open banking hinges on financial transparency and depends on security. But the question remains, can banking convenience and security go hand-in-hand? What’s so bad about screen-scraping anyway? And what’s the alternative – can open banking be realized without screen-scraping? We absolutely think accessibility and security should be the foundation of all financial institutions’ data strategies, so let’s explore open banking vs. screen-scraping and find out.
What Is Open Banking?
Open banking is the accessibility of banking information made available outside of the bank’s platform. Often achieved through the practice of sharing APIs with a third party to provide centralized banking information for a consumer, the shared APIs allow the third party to aggregate data about a consumer’s banking habits in one location. This “dashboard” lets individuals and business owners manage their finances much more easily, as they don’t have to log into all their accounts and keep track of each one individually.
Open banking creates a network of data that consumers and business owners can use to gain a comprehensive grasp on their financial situation. Consumers can securely access their financial information from multiple financial institutions simultaneously, thus granting more opportunities for finding solutions to manage debt and optimizing spending habits. With a comprehensive view of one’s assets, bankers can help you compare the various options for investing and borrowing money, ensuring that you make an informed decision.
Small business owners at commercial banking institutions can also benefit from open banking because it enables them to combine and synchronize their financial information, and also integrate their financial transactions into business software such as accounting and ERP applications. They can track their sales — a crucial data point for new businesses that intend to grow — keep a concise record of cash flow and make informed decisions about expenses. Open banking also increases accessibility to loans, as all the financial information is available in one place.
Ninth Wave’s platform is an open banking system that is built on financial transparency, robust security, and convenience for our customers. Connecting your bank with the growing ecosystem of apps through a single access point for all your transactions improves performance and reduces risk. We enable your banking customers to track financial performance and wellness, facilitate cash flow management, and minimize the time spent aggregating information.
Benefits of Open Banking
Open banking provides various advantages to both consumers and financial institutions.
1. Consumer Convenience
Open banking allows customers to access all their financial information in one place, which is much more convenient. Financial technologies also let business owners access their banking information without physically visiting a bank. The simplified information removes the responsibility of monitoring financial information internally. Business owners minimize the time their employees take to organize their financial data, which frees them to focus their efforts elsewhere within the company.
2. Data Transparency
Data transparency is vital to open banking’s success. Once the data is shared from an individual financial institution to an app or external software, the consumer’s data is now in others’ hands. Customers should have the power to control what information gets shared and with whom – and should have the ability to revoke permission and access at any time. Banks retain information and hold it in their systems, but there’s no accountability for screen scrapers who collect bank credentials from their customers. With open banking, APIs securely share that information, thus creating a more transparent view of a customer’s finances.
3. More Accessible Information
APIs allow for real-time access to information as it becomes available. Though banks provide some data, it may be more challenging to access. By combining details from different financial institutions, you create an access point for all your accounts without having to share your banking login information.
What Is Screen Scraping?
Screen scraping in banking is usually when an application has access to login information, like a username and password. The application can then store these credentials and use it repeatedly to gain access on behalf of the user. This application can then scrape financial data such as account balances, transactions, and other information, because it is technically logged in as the user.
Many financial applications are connected through aggregator technology that stores credentials and logs in on an ongoing basis to scrape the most current information, so that consumers can access their data through those applications at any time. While this may be convenient, one of the main problems with screen scraping is an array of security concerns. And for the financial institutions’ platforms, screen scraping technology could put a great strain on their network, increasing costs and potential downtime.
Aggregating banking data is valuable for individuals and businesses to manage financial transactions and make financial decisions. And even though screen scraping has been a widely used practice for decades to acquire, process, and aggregate data that consumers need and expect access to, it is certainly not the most secure. Though the rise of open banking regulations might represent a threat to screen scraping and a move for the entire industry to embrace alternatives, some banks and financial institutions are pro-actively securing their systems and data by protecting against screen scraping aggregators. Eventually, third parties may shift into a hybrid approach – using open APIs where possible and screen-scraping some data that isn’t available through these direct access pathways.
Many industry leaders recognize that screen scraping has shortcomings and may no longer be the best approach, despite being the sole option for so long. Consumers want their data accessed and processed, but screen scraping does not offer that securely.
A common point of contrast between open banking and screen scraping is consent. Though consumers accept terms and conditions when connecting their apps, in true open banking, consumers should be able to revoke their permission at any time, and the third-party system must honor the right to be forgotten and “forget” their data. Moreover, consumers must have the power to determine and limit which data is shared. However, with screen scraping, this degree of personalized consent is not possible. Because the third party obtains the banking credentials, they have access to all of a user’s accounts and you can’t guarantee how they manage your login information and extracted data, or if they avoid pieces that you don’t want scraped.
Open banking relies on shared APIs, which allow the financial institution to manage data and monitor who has access to it. However, the risks associated with screen scraping are prompting informed users and leading financial institutions to seek alternative means of open banking data sharing.
Risks Associated With Screen Scraping
The risks that come with screen scraping primarily stem from the fact that a customer must share their bank login information. Here are three potential dangers.
1. It Is Unclear Who Accepts Liability If Something Goes Wrong
Because a user hands over their banking credentials, the third party essentially impersonates the customer by logging in and accessing the information stored there. As a result, they have access to the data, and they arguably become an extension of their customer – it’s challenging to determine who does what with the information stored in the account, since they are using the same profile. The first lesson most people learn in cybersecurity is to never share login information, especially passwords, with anyone. Sharing data with an app should be a cybersecurity concern as well.
2. Screen Scraping Increases the Risk of Phishing Attacks
Phishing is when a criminal poses as a representative of a legitimate institution to obtain sensitive information. Because screen scraping normalizes sharing such details, the risk of phishing sharply increases – some individuals are trustworthy and will aim to protect your data, while others try to steal it. Phishing is a growing issue, so researching those who contact you and creating single-use passwords help protect you online.
3. Lack of Security for Your Credentials
Once you share your banking information with a third party, you risk your credentials or private information getting leaked, traded or sold. Before providing any sensitive details, it’s essential to learn how the third party protects your data. You should also create a unique password – one you do not use for any other account online – to reduce the chances of the third party gaining access to any other accounts.
Additional Open Banking Tips
Convenience and security in banking services should go hand-in-hand. A successful open banking strategy maintains that one should not come at the expense of the other.
Ninth Wave provides services to a wide range of financial institutions, from banking and wealth management to tax services. We integrate and manage the external APIs and institute authentication measures to ensure your data is secure, accessible, and permissioned. Seven of the ten leading banks in the United States and eight of the top 10 U.S. wealth managers rely on our platform to integrate their financial data and provide for their customer bases.
At Ninth Wave, our platform offers far greater transparency and security than screen scraping or similar approaches, while giving you far more control over your data. If you’re interested in finding out more about open finance and open banking, check out our blog for valuable insights about how to find trusted sources and weigh all your options. When you’re ready to learn more about who we are and the services we provide, reach out to us anytime.
About Ninth Wave
Ninth Wave delivers secure, seamless, and standardized data connectivity to fintechs and financial institutions of all sizes, through a single point of direct integration to a universal suite of open finance APIs. With configurable controls, visibility, and insights into all data sharing and data acquisition connections between aggregators, third-party apps, and internal applications, Ninth Wave empowers financial institutions and their customers with access and oversight to their connected apps, enabling secure data exchange in a holistic and scalable open finance ecosystem. Offering solutions for retail and commercial banks, wealth managers, credit card issuers, tax providers, and more, Ninth Wave provides unparalleled connectivity and universal compatibility to complex information systems, unlocking innovation, potential, and performance for your data. Contact us to learn more about Ninth Wave’s secure data connectivity features. Empowering open finance. At scale, at last.