How will open banking, also known as banking as a service, affect the financial fraud fight?
Daniel Cohen, head of RSA's fraud and risk intelligence product suite, says open banking, which opens up banking platforms to providers outside the financial services arena, will unquestionably increase transaction volume as consumer banking convenience reaches an all-time high. But that increased transaction volume will pose more opportunities for fraud and challenge banking institutions to shore up their authentication methods for validating users as well as the devices they use to make transactions.
In Europe, PSD2, the Revised Payment Service Directive, which takes effect this year, will push banks to adopt open banking by working more closely with third-party fintech providers. But open banking has already picked up steam in the U.S. and is starting to garner attention in other parts of the world, as well.
"Now banks are going to be opening up new ways, new channels and businesses to allow their customers to connect," Cohen says in an interview with Information Security Media Group. "Developing this ecosystem of third parties that offer those efficient services, the consumer is going to become key in the strategy. So all of these new channels and services are going to be creating a lot of convenience for consumers, and we know that convenience drives transaction volume."
Banking as a service will allow customers to transact with their bank accounts more often and via more channels. "That's going to drive two significant challenges with fraud in mind," Cohen adds. "The first is, obviously, trust. How do we trust this digital entity? ... Then, second, and more from an operational perspective, if we are predicting that transaction volumes are going to grow, then, obviously, fraud cases, and I'm talking in real numbers, are also going to grow significantly. And then there's the whole operational question of, 'How do we manage and mitigate the fraud that the bank is suffering?'"
The Right Investments
To manage fraud, financial institutions will have to shore up their methods of trust through stronger user authentication, Cohen says. Banks also will need to make investments in fraud-detection tools, anomaly detection and risk-based analysis, he says.
"Together, that will be the only way to start trusting these digital identities," Cohen says.
In this interview (see audio link below photo), Cohen also discusses:
- How open banking will fuel more threat-intelligence sharing and collaboration among institutions;
- Why regulators are pushing for more open-banking standards and platforms; and
- Why identity, on its own, is no longer enough to create and establish trust.
At RSA, Cohen focuses on adaptive authentication, threat detection and fraud. In previous roles, Cohen led RSA's FraudAction business unit, which provides anti-fraud services, including phishing and malware attack handling and cybercrime intelligence operations to hundreds of organizations worldwide.