What is Open Banking? Everything you need to know

When you hear the term Open Banking what springs to mind? If the answer to that question is nothing, you’re not alone. When surveying a group of people, ‘Which?’ found that 92% of the individuals who responded had never even heard of it. Let’s assume the same applies to the term PSD2, or ‘Payment Services Directive 2.’ If you are one of the rare people who has actually heard of these terms, well, congratulations.

It’s easy to look at the phrase Open Banking suspiciously. Firstly, the idea of anything being open when it comes to your finances is scary. Nobody wants the details of their Amazon order out in the open. Secondly, what even is it? Considering both initiatives have been active for over a year now, it’s probably time we explored the topic. So, if you’ve ever asked yourself ‘what is Open Banking?’ or briskly googled ‘PSD2 summary for dummies’, look no further.

Here we go…

What is PSD2?

PSD2 came into effect on January 13th, 2018 but let’s take it from the top. It all started with the initial 2007 PSD. The goal of the Payment Services Directive (PSD) was to create a single payment market within the European Union. Or, as Barclays bank put it “This legislation established an EU single market for payments to encourage the creation of safer, more innovative payment services. PSD’s authors also aimed to make cross-border payments in the EU as easy, efficient and secure as payments within a member state.”

So, PSD2 is essentially a revised version of its predecessor and was proposed in 2013, only to come into effect five years later.

Despite coming into play in 2018, some of the more complex measures will not be put in place until September 2019. It was created to revolutionise the way we bank, and while we know this is a bold choice of words, the initiative really has the opportunity to shake things up.

Enough about dates and abbreviations. What actually is PSD2? It was created to make the payment industry more innovative, safer and fairer. The ways in which we pay–whether it be through contactless card readers, multi-factor authentication or online banking, has undergone constant evolution. But it is fair to say that the banks themselves haven’t.

The new movement promises the following:

  1. Improved security through Strong Customer Authentication.

  2. Third-party access to data, with the consent of consumers.

  3. Enhanced protection and rights for consumers.

  4. An increase in competition in the market as banks have to become more transparent and face a push to innovate the industry.

  5. Standardising, integrating and enhancing payment efficiency.

  6. Adding new payment services into the regulation.

The changes mean that new rules both promote and protect Open Banking through mobile and online payments, allowing customers to use third-party providers to manage their finances.

With the customers’ consent, third-party payment providers can access banking data through APIs, or application program interfaces. This data sharing enables approved FinTech businesses and Startups to both challenge and help banks in innovating the industry.

PSD2 is also trying to catch banks up with modern security methods. It is now a legal requirement that stronger identity checks take place when online purchases are made, making your transactions safer through multi-factor authentication. But, more on this later...

To summarise, banks are finally coming into the modern world.

What does this mean for me?

You’re being told that your customer rights are going to be enhanced, but how?

One significant change is increased transparency. The initiative calls for more transparency with exchange rates and currency as well as simplified Terms and Conditions that people can actually digest.

PSD2 has also made it mandatory for payment providers to respond to complaints of high importance and get back to customers in good time. If you put forward an important complaint, your provider will now have to get back to you within 15 days. Payment providers also face regulations on how to respond to complaints and record them internally, giving your voice a signal in the noise.

One prominent change is the bar on surcharging certain card transactions. This includes consumer debit cards, prepaid cards and credit cards. However, commercial cards do not have to abide by this rule. France, Sweden and Italy have all opted against surcharging on commercial cards, whereas the Netherlands, Germany and the UK have decided to allow it.

If you have multiple bank accounts, the new regulations are good news for you as they also allow certain Account Information Service Providers to enable customers to view all of their account information in one place. Say goodbye to managing multiple accounts.

How safe is it?

It can be argued that it is just as safe, if not safer than traditional banking. As Wired reporter Rowland Manthorpe points out;

“APIs – the technology used to move the data – are trusted and the law requires account providers to use strong customer authentication, a procedure which allows the payment service provider to verify the identity of both the user and the service.”

New Secure Customer Authentication laws have introduced multi-factor authentication requirements for particular transactions. For instance, online or mobile payments. To proceed with a payment, customers with have to supply two of the following:

  1. Biometric data

  2. Identification such as a password or PIN

  3. Something that only belongs to them. For instance, a card or phone

What is Open Banking?

Obviously, Open banking and third-party data sharing are the features of the new regulations that have attracted the most attention. But what does this really mean? Here’s Open Banking explained…

First things first, what is the difference between PSD2 and Open Banking? Rowland Manthorpe describes it in a nutshell…

“Open Banking is also part of a sweeping piece of European legislation known as the second Payment Services Directive or PSD2. Sometimes the two get confused: essentially, Open Banking is the UK version of PSD2. The difference is that whereas PSD2 requires banks to open up their data to third parties, Open Banking dictates that they do so in a standard format.”

Open banking pushes the biggest banks out there to finally open up their data to the public. For the UK, this means the 9 largest banks out there–HSBC, Barclays, RBS, Santander, Bank of Ireland, Allied Irish Bank, Danske, Lloyds and Nationwide–have to become a lot more transparent and push out their data in a standardised, secure manner so approved organisations, such as tech Startups, can use the data to make some serious changes.

Considering over 80% of Brits bank with HSBC, Royal Bank of Scotland, Lloyds and Santander, this is big. By sharing secure, open data, the UK payments industry will undergo a metamorphosis.

What does this mean for me?

We should point out, that in order to share a standardised version of your data, the account holder must give consent and can opt out. There are, however, so many pros to opting in. We’ve been sitting on a bed of useful data and doing absolutely nothing about it.

While account holders get to choose what they share, banks don’t. Banks will now have to make certain information public. This can be anything from which of their branches has disabled access to where their branches are located. It will also make it easier to compare the biggest banks against each other with all of their information out in the open.

Banks have masses of data on how we spend our money. They know what we spend and where we spend it. A wealth of information is at their fingertips and could be put to better use.

Sharing this data with third-parties opens up so many doors and possibilities in the product realm and Startups, companies and banks can really start to transform the way we spend our money.

On top of that, services and customer care will improve as a result of transparency. It will also allow customers to have a deeper insight into their accounts and help them to make more informed decisions with their money.

How safe is it?

According to Open Banking Limited, “Open Banking has been designed with security at its heart.” Here are the measures that have been put in place:

  1. Regulation: For an app or website to partake in Open Banking, they’ll need to be approved by the Financial Conduct Agency, or a similar EU agency.

  2. It’s all up to you: You only share your data when you want to, for as long as you want to.

  3. Security: Extremely high-level software and security systems are implemented and tested repeatedly.

  4. Assurance: In the event that fraud takes place, all money lost will be paid back by your bank or building society. Additionally, you’re protected by data protection laws as well as the Financial Ombudsman Service. So if it is technically just as safe as how we currently bank online, surely it is worth the reward? With an increase in customer rights, added security with transactions, and an increase in innovation in the industry promising new products, solutions and services tailored to our spending habits, it seems it’s time to give Open Banking and PSD2 a chance. If you want to enter the future of payments, check out our website. To hear more about the payments industry and business tips and tricks, visit our blog.

Anna Marie Allgaier