RegionsEEAAre you ready for the security obligations of PSD2?

Are you ready for the security obligations of PSD2?

An open letter to the banking industry, which is far from prepared for the wide-ranging impact of open banking.

As we close out 2016 and welcome 2017 as a year fresh with promise, it’s impossible to ignore the fact that Europe’s new revised Payments Services Directive (PSD2) is a reality that still looms large and uncertain in our future.

Even if passporting isn’t negotiated as part of Brexit and as a result PSD2 doesn’t come to fruition (a distinct possibility), open banking is nonetheless here to stay. Frankly, it’s about time – the industry is long overdue for a more competitive environment. Open banking will encourage exactly the type of innovation necessary to stimulate the development of new business models, as well as a wide range of new banking services.

But are banks really ready for all of the ramifications that open banking brings? In many cases, the answer is a resounding ‘no’ – although not for the reasons you’d think.

While everyone has been talking ad nauseam about the innovation and competition aspects of open banking, one critical impact has been notably absent from the majority of discussions, and that’s security.

Open banking throws the doors wide open to sensitive, valuable customer data and payment infrastructure. It’s easy to overlook the security implications of that fact when access is only being granted to appropriately regulated organisations, but let’s be realistic. The industry is already in an arms race with hackers, fending off attacks of every conceivable type. Who knows what kind of havoc can be wrought with free access to customer data and an open payment infrastructure; things we couldn’t even imagine. There’s already been talk about the risks of fraudulent third-party providers (TPPs) – what next?

Convenience versus security

In fairness, one of the main goals of open banking is actually to increase the security of payments. PSD2 specifically includes key security considerations, such as mandatory use of two-factor authentication; security incident reporting to both regulators and customers; as well as mandatory security assessment reporting to regulators that addresses security measures and their effectiveness.

All this provides some level of reassurance, but it certainly doesn’t relieve banks of the responsibility of making sure that their systems are properly secured against the potential barrage of inventive new attacks that could come – for example implementing behaviour monitoring technology to ensure that incidents of fraud can be identified and stopped before doing any damage.

There’s no question that open banking will change the payments industry as we know it, promoting innovation and driving competition like never before. It will make payments easier than ever. But convenience shouldn’t come at the price of security. Banks need to seriously consider the security threats of open banking – and they need to prepare for those threats now, before it’s too late.

* For more on PSD2, click here.

Related Articles

Digitisation and technology upgrades are top treasury priorities

Banking Digitisation and technology upgrades are top treasury priorities

1w Jay Ashar
Open Banking: The future of treasury?

Open Banking Open Banking: The future of treasury?

2w Tom Lemmon
Non-banks become largest recipients of international credit for first time

Corporate to Bank Relationships Non-banks become largest recipients of international credit for first time

2w Jay Ashar
Open Banking will “dramatically” change the way treasurers work

Open Banking Open Banking will “dramatically” change the way treasurers work

3w Tom Lemmon
Open Banking: Big tech, bank tech or fintech?

Open Banking Open Banking: Big tech, bank tech or fintech?

4w Austin Clark
Treasurers witnessing the coming together of man and machine

Cash Management Treasurers witnessing the coming together of man and machine

4w Jay Ashar
Open Banking - the great enabler

Automation Open Banking - the great enabler

1m Austin Clark
Unlocking the Open Banking potential

Open Banking Unlocking the Open Banking potential

1m Austin Clark

Whitepapers & Resources

Are You Ready to Implement your GRC Solution?

Are You Ready to Implement your GRC Solution?

4m
TIS Sanction Screening Survey Report

Payments TIS Sanction Screening Survey Report

1m
The Challenges of Regulatory Reporting

Brexit The Challenges of Regulatory Reporting

7m
Mitigating Costs and Exposure - A Multilateral Netting White Paper

Mitigating Costs and Exposure - A Multilateral Netting White Paper

6m