From screen scraping to open banking: a more secure and innovative approach to financial data sharing

A version of this article was first published in a BAI Executive Report.

There is no doubt that screen scraping played a pivotal role in early fintech innovations; it made account aggregation, personal finance and investment management apps, and effective loan comparison services possible. But while these apps gained popularity and served as early pioneers in the fintech space, screen scraping can be problematic.

Meanwhile, the industry is shifting towards more secure, standardized methods like open banking APIs to access financial data. Here’s how banks can seize the opportunity and take their place in this new ecosystem.

The problem with screen scraping

Screen scraping involves copying information displayed on a screen and repurposing it for other uses: banking customers share their login credentials with a third party, which uses bots to log in on their behalf and extract data from their bank’s website or application interface.

It’s how personal finance management apps early on collected data from a customer’s different bank accounts and loan services to give them a full picture of their finances on a single, user-friendly platform.

Except, it doesn’t always work the way it should.

Frequent changes in bank login pages and interfaces can lead to disruptions and failed transactions for third-party providers, causing frustration for both users and providers.

What’s more, banks soon found that a significant portion of their server resources was consumed by screen scraping activities initiated by various third-party financial apps. This led to slower response times and occasional service disruptions for all customers.

Especially problematic is the fact that screen scraping requires a user to hand over their credentials. This extends a bank’s risk perimeter, leaving IT teams with limited control over how the scraping apps handle sensitive information.

On the other hand, customers are now accustomed to the convenience of digital financial interactions. If banks are to be guardians of trust, they need to securely enable these experiences while putting customers in control of their individual data. They need to be able to manage user consent and ensure data privacy and compliance.

Open banking is the vehicle for standardizing and securing financial data

It’s in this context that open banking emerged as a more secure and efficient solution.

Application Programming Interfaces (APIs) are how software applications, systems, or services “talk” to each other, exchanging discrete data elements. They are the enabling technology for open banking, making it possible to securely access and use a customer’s financial data with their consent.

Open banking answers the pitfalls of screen scraping in several ways:

Security. When financial institutions use dedicated APIs with standardized security protocols, they can ensure encrypted data transmission, authentication mechanisms, and access controls. And users don’t have to hand over their credentials.

Efficiency. APIs provide direct access to specific data elements, eliminating the need to parse entire web pages. Whereas screen scraping collects unnecessarily broad sets of data, an API can retrieve specific account information such as balances, transaction history, or account details.

This modular approach improves data accuracy, reduces errors, and enhances the overall speed and efficiency of retrieving financial information and putting it to use.

Governance. APIs give banks greater control and oversight of how their customers’ data is accessed and used by third-party providers. Admins can define the scope of access granted to third parties and establish mechanisms to monitor and audit data usage.

Customer control. APIs allow a more consent-driven approach thanks to granular access controls and consent mechanisms. Customers are empowered to manage their data sharing preferences and revoke access if needed, so that their personal financial information is not shared without their explicit permission.

Standardization. If financial data is to be freely exchanged, then players must be speaking the same language. A common, open API standard facilitates the exchange of data while adhering to industry-wide security protocols such as FAPI (Financial-grade API) and OIDC (OpenID Connect).

Initiatives like the Financial Data Exchange (FDX) are leading the way in establishing common standards for open banking, fostering collaboration across the financial ecosystem. Today, the North American market is resolutely marching toward adoption of open financial APIs, with the FDX standard emerging as a front-runner.

For these reasons, regulators worldwide also recognize the need to move away from screen scraping. Canada’s government is launching an open banking framework to eliminate screen scraping, while the United States’ Consumer Financial Protection Bureau (CFPB) is gathering feedback for an upcoming open banking rule.
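
The governance and customer-control points above can be made concrete with a short sketch. It is an added illustration, not code from the article, FDX, or any bank's API: a hypothetical bank-side `AccountApi` checks the customer's consent (scope, expiry, revocation) on every read, returns only the requested data element, and records each attempt for audit. All names and the sample account data are constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

# Constructed sample account data (illustrative only).
ACCOUNT = {
    "balances": {"current": 1520.75, "currency": "CAD"},
    "transactions": [{"date": "2024-03-01", "amount": -42.10}],
    "details": {"holder": "A. Customer", "number": "****1234"},
}

@dataclass
class Consent:
    customer: str
    third_party: str
    scopes: frozenset      # data elements the customer agreed to share
    expires_at: datetime
    revoked: bool = False

class AccountApi:
    """Hypothetical bank-side API: every read is authorized and logged."""
    def __init__(self):
        self.consents = {}   # access token -> Consent
        self.audit_log = []  # (time, third_party, element, outcome)

    def grant(self, token, consent):
        self.consents[token] = consent

    def revoke(self, token):
        # The customer withdraws consent; the third party never held credentials.
        self.consents[token].revoked = True

    def read(self, token, element, now=None):
        now = now or datetime.now(timezone.utc)
        consent = self.consents.get(token)
        if consent is None:
            outcome = "unknown_token"
        elif consent.revoked:
            outcome = "revoked"
        elif now >= consent.expires_at:
            outcome = "expired"
        elif element not in consent.scopes:
            outcome = "out_of_scope"
        else:
            outcome = "ok"
        who = consent.third_party if consent else "?"
        self.audit_log.append((now.isoformat(), who, element, outcome))
        if outcome != "ok":
            raise PermissionError(outcome)
        return ACCOUNT[element]  # only the requested element is returned
```

With shared credentials none of these checks exist: the scraper sees whatever the customer can see, and the only way to cut it off is to change the password.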

Look beyond compliance to the opportunity of open banking

Embracing open banking certainly aligns with the regulatory goals of interoperability. It also prevents the emergence of a single dominant player, fosters innovation, and gives financial institutions access to actionable intelligence they do not have today.

For banks to leverage the full value of open banking APIs, it will take more than simply developing a few APIs and publishing them to a developer portal.

A true shift from screen scraping to APIs requires treating those APIs like the valuable digital assets they are. An API marketplace – a digital storefront for APIs and other digital assets – allows banks and other financial institutions to showcase their assets as business capabilities to developers.

Marketplaces help banks fulfill the technical requirements of open banking, increasing security and governance by bringing all APIs – FDX and proprietary – together in one place. They allow banks to reduce manual onboarding support processes, create and track API Products more effectively, and gain insights to adapt to the market faster.

But beyond gains in operational efficiency, an API marketplace helps banks draw real value from open banking. They are in a better position to access previously untapped customer segments, monetize APIs, and earn rich insights.

The road from screen scraping to open banking is full of possibilities. If banks take a business view of APIs and make it easier for internal developers, partners, and third parties to adopt them, they will thrive in an expanding financial ecosystem and discover new avenues for growth and customer engagement.

Key Takeaways

  • Screen scraping, once vital for fintech innovations, is disrupted by changing bank interfaces, consumes excessive server resources, and poses security risks by requiring user credentials.
  • Open banking, facilitated by APIs, offers encrypted data transmission, efficient access to specific data elements, enhanced governance, and customer control.
  • Regulatory bodies worldwide, including in North America, are moving towards open banking standards to eliminate screen scraping risks.
  • Embracing open banking requires a shift from screen scraping to APIs. Banks can leverage API marketplaces to showcase digital assets, enhance security and governance, reduce manual processes, and gain valuable insights, enabling them to thrive in the evolving financial ecosystem.