There’s been a ton of buzz around Open Banking, Open Data, and Open APIs or Open Banking APIs—but what does it all mean? From what exactly is an API (and why they’re so special), to how Open Banking will change how users connect with financial institutions (FIs). You’ve asked your questions, and we’ve done the research to help answer them.
In this blog, you’ll learn all about this new technology, including topics such as:
- Standard Data Aggregation
- The Transition to Open Banking
- APIs and Open APIs
- Intro to OAuth
- The Security and Legal Implications of Open Banking
Let’s dive in, shall we? First up—the current state of financial data connectivity.
Standard Data Aggregation
Screen scraping occurs when a user provides permission for a business or FI to use their credentials in order to transfer the financial data required to access a financial product from a third-party company. Through this process, Flinks is actively able to connect its end users with FIs.
Screen scraping was the primary way Flinks and other financial data aggregators were able to bypass the need for users to ask banks directly for their data. For example, if you’ve ever applied and received a line of credit from another branch of your bank, you may know first-hand how tedious this process can be. Without aggregation, bank branches are required to photocopy and fax all necessary documents. And oftentimes, are not in a rush to do so.
Screen scraping relies on Flinks’ ability to adapt to an institution's everchanging security protocols. This, in turn can sometimes mean there’s downtime and failed connections.
The Transition to Open Banking
So why Open Banking and how exactly does it work?
Open Banking is the end goal of Flinks and our innovative partners. To put it simply, users are able to instantly and securely transfer their financial data to and from any financial institution or company without the use of credentials. Open Banking ensures data portability rights for consumers to use and move their data as they choose. This is the first step towards an Open Data world where end users own and control their own data from any company.
APIs and Open APIs
You may be wondering what technology is powering Open Banking. This process is accomplished through two key technologies, the first being APIs:
1. APIs
APIs, or Application Programming Interface, define how two applications send and receive information from each other.
APIs are how our customers currently connect to Flinks today. Customers can also leverage Flinks' data through our client dashboard.
2. Open APIs
Open APIs, or Open Banking APIs, are an aspirational goal where all APIs are designed, described, and documented the same to ensure smooth connections and interactions between applications. With an Open API, you can easily connect any two applications with publicly available documentation on how to do so for each application, with each API closely mirroring one another.
Leveraging Open APIs For Open Banking
With a consistent API system, data connectivity between FIs and Fintechs would be streamlined. Open Banking APIs can enable a consistent experience for end users accessing financial products, and ensure the connections to those products are available for all. Flinks, ahead of Open Banking legislation in North America, has built the first Open Banking connections in Canada (most recently with EQ Bank) with APIs and a secure technology called OAuth.
Intro to OAuth
OAuth is “an open protocol to allow secure authorization in a simple and standard method from web, mobile and desktop applications.” OAuth acts as an automated security checkpoint between the APIs to ensure the data being transferred between applications has been authorized by the end user. The data transfer must also be in-line with the data scope,which defines what financial data can be transferred, outlined by the institutions and the end user.
OAuth also bypasses the need for sharing banking credentials. The end user instead accesses their bank directly as part of their onboarding process. Flinks receives the authorization and creates a token to provide the requested application access to the user-permissioned data.
Why Flinks OAuth?
Flinks OAuth Connectivity empowers end users to access financial products and services faster, and more securely than ever before. Without needing to share bank credentials, end users will feel confident accessing your products and services—which can only mean higher adoption rates.
By eliminating credential sharing, OAuth increases trust while providing stable connections that boast a +99% connection rate and near-zero downtime. With increased connectivity and security for your customers, you'll be able to provide a frictionless authentication and onboarding process for your financial products. In turn, this will increase your conversion rates through better connections, higher user trust, and less errors.
The Security and Legal Implications of Open Banking
The international banking community is gaining momentum in the adoption of Open Banking legislation, with the UK and Australia already implementing an Open Banking Standard mandated by the government.
Open Banking legislation focuses on doing two things:
1. Moving Away From Screen Scraping
Screen scraping was the first step towards Open Banking but it still requires credential sharing. However, if screen scraping has ended, there needs to be an alternative way for end users to share their data.
2. Mandating Open APIs
If screen scraping is being deprecated, an Open API mandate ensures every bank can be connected to every digital financial application, enabling an end user to access any financial product or service they’re qualified for directly.
Consistent access to the financial products they choose makes Open Banking work for the end user. Open APIs enable consistent OAuth connections, and OAuth connections provide a safer, faster way to connect that doesn’t involve credential sharing. As a result, end users will have access and visibility to more options.
Open Banking Legislation in North America
The United States has yet to announce Open Banking Legislation or a timeline to implement it. However, Flinks has OAuth Network coverage for 50% of bank users in the country. This is due to a steadily growing demand for OAuth Connectivity from both our fintech partners and end users.
In Canada, things are moving more quickly, most recently appointing Abraham Tachjian as the Open Banking lead to “develop a ‘made-in-Canada’ regime based on the recommendations in the final report of the Advisory Committee on Open Banking.” In fact, the Advisory Committee appointed by the Government of Canada to review Open Banking “delivered its findings in a final report to the Minister of Finance in April 2021. It provides recommendations on implementing a secure Open Banking framework by January 2023.”
Open Banking is coming to Canada. And should it be through legal obligation or a mission to find the most frictionless way for end users to connect, Flinks Open Banking Ecosystem is the future of Canada’s Open Banking.