Bank customers across Australia, Hong Kong, New Zealand, the Philippines and Taiwan rank data security as the issue that matters to them most about their bank (2019 APAC Banking Insights survey). Yet open banking fundamentally relies on consumers giving permission for their financial data to be shared with a network of financial service providers in order to access new products and services and perhaps get a better deal.
Given these fears of data security and privacy, it is critical that banks ensure that the entire supply chain of their financial services ecosystem is adequately secured against malicious and accidental breaches if they are to gain customers trust to protect their data.
Regardless, the momentum for open banking across the Asia Pacific is growing, as new open banking frameworks are introduced globally and in the region. Aside from stimulating competition among banks and financial services providers, customers are gaining more control of their data than ever with data transparency and convenience:
It should be noted that these changes are coming about against a backdrop of high profile privacy breaches and substantially stricter privacy regulations around the globe. For example, the EU’s General Data Protection Regulation (GDPR) is already influencing local privacy and open banking standards across the Asia Pacific, with Singapore and Australia taking lead to enhance existing privacy laws via Singapore’s Personal Data Protection Act (PDPA) and Australia’s Consumer Data Right (CDR). In addition, in many countries across Asia, governments and financial regulation bodies are driving the security agenda in financial institutions by setting formal standards and requirements for banks to be accountable for, and take appropriate steps to protect, customer data.
All is not lost, however. According to Deloitte’s Australian Privacy Index 2018, 41% of those surveyed said they were comfortable allowing a brand to transfer their personal information if they trust the brand and there are benefits in doing so. Of course, this still translates to a majority (59%) who remain unconvinced.
Open banking needs zero-trust security
For banks to deliver the benefits of open banking without compromising the security of customer data and system integrity, they need to be cognisant of the increased risks of data breaches and security incidents that occur within this changing environment. They must focus on not just preventing breaches, but also minimising their impact if they should happen – and the reality is that they will happen.
According to the 2019 Unisys Security Index™, data security is the biggest concern for consumers in every country surveyed. If open banking is going to achieve its potential, banks need to adequately secure their entire supply chain ecosystem against malicious and accidental breaches.
A zero-trust approach to cybersecurity is increasingly being adopted across many industries, but may arguably be more valuable for the banking and financial services sectors. The idea of a secure network perimeter is fast-becoming an outdated idea, so banks must take their security measures to the next level by turning to new strategies such as micro-segmentation, machine learning, and secure authentication measures.
The power of choice is now in the hands of the consumer. And data security, and how organisations behave if they do suffer a breach, will play a key role in determining who they will bank with.