Insight: How Open Banking’s arrival is driving the pace of innovation across EMEA
The arrival of Open Banking introduces fundamental changes to the payment and financial services industry. Open Banking has a clear objective of driving innovation and development in the market right across the EU, while promoting competition, reducing consumer costs and, of course, improving the security of payments and the protection of customers. But it demands increased security – and that is driving innovation, particularly as regards authentication.
Authentication: the essential elements
To help increase the security of electronic payments, the directive promotes the creation of reinforced authentication systems for users, commonly known as Strong Customer Authentication (SCA). It means the new processes must contain at least two of three critical authentication factors:
- Something that only the client knows, be it a security key, answers to personal questions, access PINs, control sequences and so on;
- Something that only the client has– a possession requirement – generally the device from which the payment is made or authorised;
- Something that the client is– an inherence requirement.
This last element brings the need for more innovation, given it’s not only confined to fingerprints or facial recognition; biometric patterns and navigation of the device are also considered valid as an element of authentication. The European Banking Authority has also added a further element known as Dynamic Linking. This means that the authentication must be translated into a single use code directly linked to a transaction with a specific beneficiary and a determined amount. It means in practice, that the possession factor will always be needed to determine accurate authentication and validation.
Managing risks and leveraging data in the OB arena
In this new Open Banking/PSD2 landscape, there are risks for the financial services sector. The word ‘seamless’ is often used to represent the ideal digital onboarding and payment processes from the viewpoint of the customer. And that is because greater friction may be created throughout the customer experience as stiffer control sequences are added. This is a particular issue with mobiles and hand-held devices, where 3D Secure checks can redirect the user to a web address not generally optimised for the device.
Successful transactions and near real-time risk evaluation now need to be underpinned by far richer information and data sets. Somewhere upward of 100 elements relating to shipping addresses, device ID, transaction history, and biometric patterns are expected to be the mandatory benchmark. The customer experience will also need to be safeguarded and continue to be frictionless, because redirections, or additional interventions, simply won’t be tolerated by many consumers.
Regulatory and customer challenges will clearly modify and accelerate the pace of technological change in approaches to fraud and risk management. These are areas in which Experian already has a proven track-record. Experian’s Trusso solution – which will be demo’d at the Experian stand during this year’s Open Banking Expo – is one example, a real-time categorisation engine that is helping our clients to successfully, swiftly assess such issues as affordability, and seamlessly onboard new customers.
Interest piqued? Here is our UK Case Study on Trusso which includes more information.