Screen scraping is the practice that gave many fintechs their start. A customer allows a third party app to use his or her credentials to log into their bank account as them, then a bot copies or “scrapes” the information.
That information is then used to offer services like account aggregation or budgeting apps, and it has worked out pretty well so far. So what's the problem?
In this video, Karen Holmes, Axway’s Open Banking Product Marketing Director, discusses some of the concerns with screen scraping and why open banking offers a better path forward for the secure sharing of financial data.
“Screen scraping has been around for a long time, and it has evolved over time. There are two ways you could look at the challenges or the problems with it. From a consumer perspective, you've given your credentials to a third party. You granted access, how do you take that access back?
You’d have to change your password or you have to manage that and you don't know who you've given your access to. So there's that complexity, or if you just change your password for a reason, you've lost that connectivity.
From a financial institution perspective, which is the entity that's being scraped, if you will, what if they change their HTML on their web login page?
The connection is broken. So then, the customer is upset because their third party is no longer getting the data that they had granted access to and the service no longer works.
Who do you call? How do you manage that? Also, you've got multiple bots hitting your servers and you have a huge amount of traffic that you have to manage.
And there are obviously security concerns, and we know there are some bad actors out there. So, what are the alternatives to this? What do you do besides screen scraping?
That’s where APIs and open banking come in.
In the U.S. specifically, the regulators at the CFPB made an announcement last year basically stating that they'd like to eliminate screen scraping and pursue a common API.
This would be a standardized API where the banks can grant access to the data in a secure manner.
Now, how does the industry move forward for that?
And the smaller entities, the smaller banks and credit unions, how do they manage this? They have an issue with not necessarily having the technical resources to deploy new APIs and allow access to new APIs, so there's a concern there and they want to phase this in.
What we're talking about with open banking is really providing a platform where customers of varying sizes can adopt and become competitive in this market.
Typically, the big players are the ones who can dominate the market with their technology and their large IT departments.
So, what's the solution so that all banks, whether they be a small credit union, community bank, a multinational bank, how do they participate in this whole open banking ecosystem?
That's why at Axway we've developed a product called Amplify Open Banking, which provides preconfigured consent management so that you can revoke or grant access to data, and includes the developer portal on our Amplify Enterprise Marketplace platform so that your APIs are easily discoverable to the whole ecosystem.
And then we also provide the API written to the prevailing spec, which we believe is FDX for the U.S. and North America, for Canada as well. FDX does an update twice a year, so we keep that updated, and as they start to do more conformance testing, we'll be participating in that.”
About the AuthorFollow on Linkedin More Content by Karen Holmes