Fidelity is committed to helping the financial services industry leverage technology to assist customers with securely sharing their account information with financial-related apps, websites and services of their choice. For example, our efforts to address screen scraping were in close collaboration with many financial organizations and industry leaders in the open banking and open finance ecosystem. The financial services industry has collaborated on new developments to ensure open finance practices also embrace customer data privacy and security.
Attendees of the recent FDX (Financial Data Exchange) Global Spring Summit, CSAIL Alliances Annual Meeting and APIdays New York 2024 were able to hear the findings, takeaways, and guidance from these collective efforts in the finance and technology-focused panels and workshops.
Fidelity joined data security and technology leaders from Chase, Intuit, MIT, Capital One, Mastercard, Visa and Morningstar onstage at these recent events. The discussion explored how to use the latest technologies to support open finance and open banking, which is top of mind as the industry moves toward more secure practices for customer-directed data sharing.
Fidelity has long advocated for continued improvements in customer-directed data sharing practices, supporting customers gaining increased control when electing to share their financial data with apps, websites and services that they’ve chosen to use and supporting the use of more secure methods when their data is shared. During the season of technology conferences, speakers onstage highlighted four key themes on the path to improved practices and protections for customer-directed data sharing:
- Consent: Speakers emphasized the importance of data providers capturing customer consent and authorization when sharing data, which can lead to stronger data security and improved user experiences. Similarly, when a customer authorizes an app, website or service to access their account data, it is important that the app, website or service provide clarity and transparency regarding its use of the customer’s data. These disclosures and consents should provide transparency and granularity for customers to know the type of data that they’ve authorized to share and purposes for which the shared data will be used.
- Frictionless data sharing: Biometrics, mobile consent and other technology frameworks have helped eliminate the need for consumers to enter their passwords or credit card credentials multiple times, which makes it easier for customers to initiate and complete their desired banking activities.
- Traceability: Research from MIT's Future of Data1 initiative discussed data traceability, a concept intended to ensure that once a customer grants a third party permission to access personal data, that customer will know where the permission travels and ends, as well as ensure the data is used only in the way it was originally intended. In cases of third-party risk management of data, the ability to trace the travel of data can help foster trust and security.
- Data minimization: As more recipients of customers' data choose to use intermediaries to access and obtain customers' account data from financial institutions, the accumulation of those details can turn into risky honeypots for nefarious means. Ensuring that data passes through (and is not retained by) various intermediaries that play a role in the customer-directed data sharing ecosystem can help minimize vulnerable data. Additionally, giving customers the ability for real-time removal of their consent and notifying the ecosystem parties that the customer has revoked their access to the customer’s data will also help reduce accumulated data.
As the industry continues to develop and embrace developments in standards and practices for open banking, there will be new projects ahead to bring to customers traceability, and more security and control when it comes to their financial data. The work is not over, and Fidelity is dedicated to positive outcomes for customers and industry stakeholders. As part of its commitment in the data security space, Fidelity continues to advance new frameworks and technological approaches to ensure streamlined customer experiences and enhanced security and control when using Fidelity’s customer-directed data sharing capabilities to share their account data.
For more information on Fidelity’s open banking and data aggregation accomplishments, please read more here: Fidelity Takes Steps to Address Screen Scraping.
#####################
1 https://futureofdata.mit.edu/otrace/ Note: You are leaving Fidelity.com for another website. The site owner is not affiliated with Fidelity and is solely responsible for the information and services it provides. Fidelity disclaims any liability arising from your use of such information or services.
Fidelity Brokerage Services LLC, Member NYSE, SIPC, 900 Salem Street, Smithfield, RI 02917
Fidelity Distributors Company, Inc, 900 Salem St., Smithfield, RI 02917
National Financial Services LLC, Member NYSE, SIPC, 245 Summer Street, Boston, MA 02110
1155921.1.0