Privacy of client data, cybersecurity and innovation at risk if European Banking Authority (EBA) standards are dismissed and screen scraping continues.
The European Banking Federation (EBF) has asked the European Commission not to dismiss a key recommendation by the EBA on future electronic payments in the European Union. The EBF fears that the privacy of client data, cybersecurity and innovation are put at risk if the Commission does not fully endorse the EBA standards.
PSD2 introduces a general security upgrade for third-party access to a client’s data, bringing an end to practices known as ‘screen-scraping’ [VIDEO]. Such services, seen as a first-generation direct access technology, let third parties access bank accounts on a client’s behalf by impersonating while using their access credentials. PSD2 calls for the creation of a technology-neutral level-playing field for banks and fintechs, new and old.
The proposal requires banks to opt for either creating a ‘dedicated interface’ that lets third parties access bank accounts on behalf of clients, or to upgrade their client interface.
These solutions would replace the old practice of screen-scraping. They ensure the continuation of direct access services in the EU in a secure way by empowering clients to decide for themselves which data can be accessed by third parties.
The EBF sees the EBA standards as a common solution that ensures security and as a significant catalyst for innovation into the future in the European payments market, fully compliant with the EU’s General Data Protection Regulation (GDPR).
The European Commission appears to be willing to go against the EBA advice and may let screen-scraping continue by requiring banks to accept screen-scraping as an additional mandatory direct access method, forcing banks to maintain at least two interfaces.
„Banks are deeply concerned over this development and fear that such a choice would harm the development of electronic payment services. It would come at the expense of innovation in payment services and would make it more difficult to protect the privacy of account holders.”, according to the press release.
Says Wim Mijs, Chief Executive Officer of the EBF:
“The development of PSD2 can be compared to designing a new plane. You develop highly secure, innovative and sophisticated systems to make it fly. But what happens now, in the final development stages, is that the designers are required to put a heavy diesel generator on board. This plane then becomes too heavy to fly. If banks are forced to accept screen–scraping then PSD2 will never fly the way it was intended.”
Both banks and new entrants in financial services technology are actively engaged in an industry-wide effort to develop common processes and standards. The forum for this cooperation is the Working Group on Payment Initiation Services of the Euro Retail Payments Board, created by the European Central Bank.
What is screen-scraping?
Anyone interested in electronic payments should know that technology can provide ‘direct access’ to your bank accounts. It is a technology that only has been available for a number of years and one that still is surrounded by many risks and unknowns. Who is responsible when something goes wrong? Is this access really secure? What about your privacy as an account holder?
Cyber-security and privacy are issues that need to be addressed. After all, client expect their bank to protect their personal data.
This video explains what screen-scraping is and makes clear the potential risks.
About the EBF
The European Banking Federation is the voice of the European banking sector, uniting 32 national banking associations in Europe that together represent some 4,500 banks – large and small, wholesale and retail, local and international – employing about 2.1 million people. EBF members represent banks that make available loans to the European economy in excess of €20 trillion and that securely handle more than 300 million payment transactions per day. Launched in 1960, the EBF is committed to creating a single market for financial services in the European Union and to supporting policies that foster economic growth.
Banking 4.0 – „how was the experience for you”
„So many people are coming here to Bucharest, people that I see and interact on linkedin and now I get the change to meet them in person. It was like being to the Football World Cup but this was the World Cup on linkedin in payments and open banking.”
Many more interesting quotes in the video below: