By Mike Peplow, CEO at Paynetics UK

It’s been more than three years since the introduction of open banking in the UK. While a lot’s happened in the payments industry in that time, particularly within the last 12 months, we’ve only scratched the surface of its potential.

Democratising banking services

With the rise of neo and challenger banks in recent years, there has been a surge in the provision of accounts and services available in the finance market.

It’s no longer unusual for consumers to have multiple banking relationships for loans, credit cards and mortgages; and this has extended to the point where consumers are happy to have multiple bank accounts across different providers for their transactional accounts and day-to-day spending.

Indeed, the ‘unbundling’ of banking services has accelerated thanks to the growing wave of fintechs, with a focus on digital-based solutions, enabling banking to be delivered in a similar manner to software services – i.e. without having to set up an actual bank.

The barrier to entry to launch new banking services has lowered, while at the same time the willingness of consumers to ‘try out’ new services from non-traditional providers has dramatically increased.

According to MoneyHub, 42% of financial management platform users now have more than one bank account, while 65% of challenger bank customers continue to have accounts with their existing high street banks.

Mike Peplow

Add to this the shift to e-commerce during the pandemic – which has increased the volume of online transactions, monthly subscriptions, and growth of digital marketplaces – and the opportunity for consolidation services has never been clearer.

The case for more choice

This is where open banking comes into play. Introduced in 2018, alongside new PSD2 regulation, open banking grants access to financial data to third-party developers (provided users give their permission).

By enabling non-financials to develop APIs around existing banking infrastructure, a host of innovative new services and applications are now improving the customer experience.

These ‘universal apps’ aggregate data across multiple accounts into one, easy-to-use platform, offering customers a 360-degree view of their spending and simplifying the ever-growing number of financial touchpoints we encounter in our daily lives.

In doing so, open banking has the power to not only transform the way we track and understand our spending but the very concept of what a bank is and who can provide our financial services.

Replacing BACS

With the use case for open banking beyond question in a post-COVID world, it won’t be long until this technology replaces BACS payments – one of the most common bank-to-bank payment methods available today. BACS currently accounts for around 90% of all regular monthly payments via direct debit transactions.

Open banking allows aggregators such as payroll providers to make payments directly to employees rather than through BACS, disintermediating the banks in the processing of direct debits and standing orders.

And the payments revolution doesn’t stop there. Open banking will also enhance real-time payments, going head to head with the card scheme to enable instant transactions between retailers and consumers.

Request to Pay

While UK consumers can already access faster pay on mobile to make real-time payments from one account to another, open banking will take this technology one step further using Request to Pay (RtP).

As the name suggests, this means users will be able to proactively request payments from other bank accounts. Debtors will receive a notification, via a mobile banking app or similar, detailing the amount owed and due date, thus providing both businesses and consumers with a simple, flexible way to reconcile accounts.

Needless to say, request to pay has the potential to revolutionise invoicing and regular payments. For debtors, RtP offers greater flexibility and convenience, by enabling partial payment options, a better view of outstanding bills and a simpler way to pay.

Meanwhile, payees benefit from greater visibility over cash flow, which in turn can drive more accurate forecasting, reduced billing costs thanks to the switch to electronic invoicing and increased reconciliation.

Merchant adoption

In particular, retailers will be quick to adopt open banking technology, particularly for online purchases, thanks to its lower transaction costs, which should also ensure widespread acceptance among consumers.

By encouraging a higher volume of contactless and digital transactions, open banking can reduce the hidden cost of cash from mishandling, and other inefficiencies, with cash-free payments estimated to save retailers £7.2 million a year.

This transformation within the payments industry couldn’t be more timely, with the pandemic accelerating the shift towards online retailing as well as fundamentally changing the way we work, live and pay.

With consumers increasingly looking for payment solutions that fit around their lifestyle and provide better visibility of their spending, open banking is the unsung hero of current payments innovation and will be key to meeting these expectations in a post-COVID world.

While it might not have made the same waves as the rise of contactless payments or mobile wallets, open banking is quietly reimagining what we today consider to be a ‘bank’ – and that’s just the tip of the iceberg.

Narendra Sahoo, Founder and Director of VISTA InfoSec

Introduction

In recent years we have witnessed a major drift in the banking and financial industry with digitization and growing use of mobile technology. Customers are also embracing the digital means of financial services by moving away from physical cash to digital currency. Customers today seem more comfortable transacting digitally than ever before. But the digitization in the Banking and Financial Industry has also triggered huge cybersecurity challenges for Financial Institutes and Service Providers. It has opened up entry points for cybercriminals to stage attacks and get illegal access to critical data. Today, with digitization and technological advancements, the banking industry has grown out to be more vulnerable than ever before.

Facing numerous incidents of breach and theft every year, cybersecurity now becomes a major point of focus for the Banking and Financial industries globally. Especially, for the emerging new financial players like the Neobanks which runs entirely on a digital banking model, cybersecurity should be their topmost priority. Focusing on this area, we have today written an article listing out some of the potential cybersecurity challenges faced by Neobanks and the future that holds for these emerging financial players. But before that let us first understand what Neobanking is and how exactly does it operate in the industry? This will give us a better perspective of its operational challenges and risk exposure that they face in their business.

What is Neobanking? 

Neobanks are virtual banking service providers operating digitally without having any physical infrastructure like their traditional counterparts. Their offerings are limited to internet-only financial services that focuses on providing its tech-savvy customers the convenience of their cutting edge and technology-driven digital banking services. Neobank offerings are slightly similar to those of traditional banks but limited to just opening saving accounts, payment, and money transfer services, loans, and budgeting, to name a few. The banking structure and business model of Neobanks are different from the traditional ones, eliminating physical infrastructure and automating banking processes. Given below are some of the key difference that will help you understand the concept of Neobanking a little better-

So, while Neobanking helps in overcoming the traditional banking challenges with the ease and convenience of availing services, they also pose huge security challenges. Given below are some major cybersecurity challenges faced by Neobanks.  

Cybersecurity Challenges faced by Neobanks

Without having a robust Cybersecurity measure in place, sensitive data may be at high-risk. For the size and business, they are into, Neobanks cannot afford to invest hugely in full-time security teams. They are dependent on third parties to level their security to the standards of the industry requirements. Given below are some major cybersecurity challenges that Neobanks may have to face

Inadequate budget-

Cybersecurity requires huge amounts of investment. Neobanks are comparatively smaller than the traditional banks and often lack the budget for having a full-time cybersecurity team for monitoring all the activities. Their low investments and budget on cybersecurity may result in weak security measures leading to higher levels of risk exposure.

Third-party dependency–

Neobanks work digitally and are heavily dependent on third-party services to serve their customers. So, with the dependency on the third-party, the risk exposure is significant. If the third-party vendors do not have a tight Cybersecurity measure it may possibly result in compromised security measures and lead to data breach incidents.

Malware- Since the entire banking process is online, a lot of sensitive data passes through the network and digital devices. Networks and devices should be appropriately secured to prevent any incidents of a breach. In case a device connected with a network is compromised with malware, it may pose a huge threat to your sensitive banking data and may result in compromised cybersecurity.

Spoofing-

Spoofing is the latest form of cyber threat wherein the cybercriminals will impersonate the banking website’s URL with a website that is similar to the original one and functions the same way. So when the user enters his or her login credentials the sensitive data is stolen resulting in data theft and unauthorized access to critical information.  It is a common practice adopted by most attackers to steal sensitive data. With Neobanks completely operating online the risk exposure to such scams are high.

Phishing-

Phishing is an attempt made by a hacker to get access to sensitive information such as credit card details by disguising as a trustworthy entity in an electronic communication. Today, online banking phishing scams have evolved significantly, resulting in high profile incidents of scams. With Neobanks completely operating online the risk exposure to such scams are high.

Compliance

Almost all of the Neo banks would be required to comply with standards such as PCI DSS. This would be in addition to the local regulatory compliance such as those concerned with Privacy. In this virtualised environment with low budgets and manpower, adhering with these compliance requirements would possibly be the largest challenge faced by Neobanks.

What the future holds for Neobanks– Our Final thought

As the world goes completely digital, security measures need to be more complex and sophisticated. More so, they need to be updated from time-to-time. Implementing appropriate measures and adhering to industry best practices is one-way, Neobanks can get a grip over the cybersecurity challenges. Constantly educating customers about the evolving risk exposure and ensuring compliance to industry standards (PCI DSS) will go a long way in securing the environment and digital business operations. This brings us to recommending Neobanks to consult industry experts for implementing Cybersecurity measures that do not compromise the safety of customer’s and the institution’s data and money in any way.