Trust is complex and exists on many different levels. Who should we trust and why? What are the motivations for trust and how is trust transferred?
In the context of financial services, we trust financial service providers we have been doing business with to use our data responsibly and hold it securely. This trust may have been built over a long period of time and if we lose trust in an organisation, we will probably take our business elsewhere.
Motivating factors can range from a financial service provider being dependable, acting within its given remit or simply dealing with issues swiftly and fairly.
Trust can be extended through endorsements and memberships. For instance, if an organisation is a widely used and recognised brand, if it belongs to a trusted professional body or, if it is a regulated organisation, then we’re more likely to trust it.
So, how do you ensure trust in an Open Data economy, where business is conducted online, instantly and automatically via APIs and where participants never physically meet each other?
In open ecosystems, rules and standards are the foundation for building trust and security. These rules and standards need to ensure programme participants know whom they are communicating with, are authorised to participate in the relevant programme(s) and, have the permissions to carry out the services being requested.
Trust and security requirements need to also ensure that an eavesdropper cannot view the content of transactions, that the data sent is the data that will be received, and that the data has come from the expected source.
On a more granular level, user authentication establishes the identity of users participating in a programme, consent management dictates that user consent has been obtained prior to any data being requested and, regulatory compliance ensures adherence to relevant financial regulations and industry standards are maintained.
Trust is built on consistency and predictability, so a trust infrastructure within an open ecosystem promotes standardised APIs and data formats, conformance, and protocols to enhance interoperability between participants. High levels of system resilience to minimise downtime and ensure continuous access to financial data and services are also important for building trust in the wider framework.
What roles do Directory Services play?
Directory services act as a central repository of information about financial institutions and third-party providers, and the permissions and associated regulated authorisations that they have been granted. They enable secure data sharing, fostering trust among participants. Central directories provide all the essential services to help establish trust, ensure compliance with regulations, and facilitate secure communication and data exchange between the various participants. The benefits are multifold.
Central directory services streamline the connectivity process, providing a single source of registered entities, enabling participants to discover and verify legitimate financial institutions and third parties, making it easier for them to communicate and exchange information in a secure environment.
By providing a common infrastructure for identity management and regulatory compliance, directory services can also reduce duplication of effort and cost for individual financial institutions and third-party providers, leading to cost savings and operational efficiencies.
Open Finance initiatives are often subject to strict regulations to safeguard customer data and privacy. Central directory services can help deliver a standardised approach, ensuring compliance with regulation by checking participants’ authorisation status, in real-time, in a standardised and auditable manner.
They are also important for reducing complexity and simplifying the integration and collaboration between traditional banks and emerging fintechs so competition and innovation can be promoted by enabling new and innovative financial services to be developed and offered.
In time, as ecosystems evolve and expand to include more participants and services, centralised directories can efficiently handle the increasing scale and complexity of these systems, adapting to the changing needs of the industry.
Together with a trust infrastructure, directory services are a fundamental component of an Open Finance ecosystem as they provide the necessary framework for secure and efficient data sharing, foster innovation, and deliver a seamless experience to users, while adhering to regulatory requirements.
Of course, all these benefits are meaningless unless consumer and business confidence are high. If the consumer doesn’t feel safe and secure, they will not engage with the services on offer and adoption will be low.
Education is key to the growing usage of secure and trusted open ecosystems with directory services as a core component. This is education on the benefits that a secure data ecosystem can deliver to users, consumers and businesses alike – whether that be access to tailored financial products and services, or improved visibility of spending patterns and behaviours.
At Konsentus, our mission is to enable innovation and unlock the potential of the global data economy through our robust, secure and reliable technology that enables safe and trusted data exchange within secure open ecosystems.
Paul Meadowcroft is head of product at Konsentus
Read our Q&A with Jim Wadsworth, executive vice president, strategic market development at Konsentus, as he prepares to speak at Open Banking Expo UK and Europe.