Banking is set to significantly change as Payment System Directive 2 (PSD2) regulations are introduced across Europe. In fact, open banking regulations are being considered in a number of regions around the world. The directives will require financial institutions to adopt open banking by safely and securely allowing customers to view account information and initiate payments through third-party providers that access bank data via open application program interfaces (APIs).

Open banking can help fintechs and other third-party providers develop new applications and services as they gain access to a bank’s customer financial and transaction data. As a result, traditional banking business models are being disrupted. Consumers can now conveniently manage their money, initiate transactions and even apply for new financial services using third-party applications.

As open banking opens the door to new competition, it provides an opportunity for banks to form partnerships and deliver their own innovative products. These fresh opportunities, combined with the right security strategies, can help banks evolve and drive customer loyalty in this new era of banking.

Customer Expectations Drive Innovation

As technology expands, financial transactions that used to take days can now be completed in a matter of minutes. If you owe a friend money, just jump on your phone, open your payment service app and transfer funds on the spot.

As banking becomes more digital, consumers are visiting banks less. The traditional business model seems to be disappearing. Financial institutions should rethink their offerings and IT design to help position themselves as innovative leaders and meet consumer demands.

Banks that embrace this evolving digital landscape can drive innovation and create new opportunities on their own. If they don’t change with the marketplace, customers may leave to find a different bank that does.

A New Frontier for Fraudsters

As fintechs make their way into the banking ecosystem, this migration may add a new layer of complexity and opportunity for fraud. Financial institutions should consider the following security capabilities to help them fulfill customer expectations.

  • API security: Securing and managing APIs will be valuable when participating in the open banking ecosystem. Security, traffic management and mediation policies can help banks securely expose APIs to connect and build trust with third parties.
  • Customer authentication: Using multiple authentication mechanisms allows banks to offer customers the type of authentication experience they find most convenient, which can help lower abandonment rates and protect against cybercriminals.
  • Risk assessment: Fraud teams may not be able to obtain traditional risk indicators from a user’s device when transactions are submitted via an API in an open banking environment. Consider analyzing a wide range of risk indicators and fraud patterns across channels and institutions.

Security Risk Assessment Basics

So what are some of the security basics that banks should consider in the age of open banking? To start, financial institutions should incorporate a multilayered approach that provides insights into a vast range of risk factors and visibility across digital channels.

Banks should also consider working with partners that can provide omnichannel visibility and risk-based authentication to help identify threats and protect against fraud. Omnichannel visibility typically spans phone (call center) risk, cyber risk, cross-channel transaction anomalies and API risks. Looking at these areas in unison can help detect and prevent cross-channel fraud as it happens.

Risk-based authentication is another key component of open banking. Banks need to authenticate end users even when there might not be a direct channel between a given user and the financial institution. Banks can combine authentication modalities with behavioral biometrics to help confirm the identity of a customer.

Succeeding in the Open Banking Era

Open banking is fundamentally changing the relationship between consumers and banks, and transforming how people manage their money. Financial institutions that embrace the evolving banking ecosystem, deliver new value-added services and add the right layers of security will set themselves up to drive customer loyalty.

To learn more about the challenges and opportunities presented by open banking, download the white paper, “Harnessing the Power of Open Banking,” and listen to our podcast, “Security in the Age of Open Banking.”
