Ensuring data privacy and security in open finance.
Open finance may include everything from savings and payments to investments and insurance, and is the natural next step on data sharing within financial services. In this blog post we will explore the importance of data privacy and security in open finance and its implications for the insurance industry, providing recommendations on how we can ensure that data privacy and security are adequately protected.
To reach its full potential, open finance needs to be based on data protection, privacy and security. Consumers deserve control over their personal financial data as it empowers them and allows them to benefit from tailored and targeted services. Nonetheless, the control over financial data also poses potential risks. Thus, the current rapid rise of open finance has coincided with concerns about compliance and security.
Data sharing with third parties requires transparency and security.
The GDPR framework must underpin the work on data sharing. It is important to minimize potential risks by ensuring compliance, security, privacy, data quality and integrity.
The open finance industry is acutely aware that the sharing of data comes with inherent cybersecurity risks and potential for data leaks; just as the holders of this data also face these same risks. We recognize the importance of clear rules and regulatory governance in order to mitigate risks and successfully implement open data sharing.
On our part, we:
- Have instituted strict and modern cybersecurity and data protection techniques throughout all of our systems and products.
- Provide consumers with a clear understanding regarding what information is being shared, as well as how and for how long it is shared.
- Advocate for clearer rules and regulations regarding open insurance to make our industry transparent and allow everyone involved to share the benefits. After all, Insurely was founded to create win-win situations for consumers, insurers and third parties – by putting the consumer first.
Security and trusted consumer authentication is also key for a well functioning open finance industry. Some markets in the EU, like in Sweden, have implemented a single sign on digital ID authentication process for all financial authentications a consumer has to make (e.g. BankID in Sweden, ItsMe in Belgium). These types of eID single sign on authentication technologies make it possible to share sensitive authentication information securely when a consumer initiates a data collection process in an open finance context. We welcome the regulatory push by eIDAS to create these safe and trusted eID authentication methods for all EU markets and believe that it will be critical in helping open finance become a long term success.
Data-enabled insurance should mitigate privacy risks.
Sharing the right types of data is critical to making sure that opening insurance data is a success within an open finance framework. Some use cases discussed in the broader open insurance context require opening up data which puts consumer privacy at risk, for example:
- Insurance products based on IoT devices. They have great potential, but also raise concerns over financial exclusion and privacy, as well as potentially leave the door open to malicious actors which could lead to data abuse.
- Use cases based on a consumer's medical or health insurance policies. This data is inherently sensitive and should be potentially excluded from any data sharing initiative.
For consumers, open finance will make it easier to compare and switch between different providers. Increased competition will likely lead to better deals and improved services. As open finance gives consumers control of their data, companies and financial institutions can offer solutions that mitigate fraud and risk and enable personalized experiences – ultimately improving the financial lives of their customers.
Thus, the upcoming framework for Financial Data Access (open finance) must offer a standardized method of exchanging personal and non-personal data, and provide security for all parties involved.
With the proposal on a framework for Financial Data Access (open finance) around the corner, we will continue engaging with all relevant stakeholders in the open finance ecosystem, voicing our fruitful discussions on the upcoming framework for open finance – one that can both empower consumers and pave the way for innovation.