Blog article
See all stories »

Open Banking vs. Screen Scraping: looking ahead in 2019

The sharing of customer transactional data in the UK will undergo a significant change in September 2019, with legislation coming into effect due to end the decade old practice of screen scraping.

In the past, screen scraping allowed third party companies to access financial transaction data by logging into digital portals on behalf of a financial institutions' customers. Typically screen scraping involves the third party company creating a mirrored login page, which looks and feels similar to a bank or credit card online login page. The customer enters their login details, passwords and additional security measures like memorable name, which the third party can use to log in as the customer. Once logged into the account as the customer, screen scraping tools copy available data to an external database and can be used outside of the financial institution.

Within the financial sector, this technology has been used by lenders, financial management apps, personal finance dashboards, and accounting products to retrieve customers’ financial data with their consent. For example, a budgeting app uses screen scraping to retrieve the incoming and outgoing transactions in a user’s bank account, powering the analysis it provides on top of this data.

Despite the usefulness of this technology, shortcomings remain in security and speed. Large pools of data can take screen scraping tools 5–10 minutes to retrieve. Passwords and additional security information, once passed to a third party, becomes more vulnerable to loss. As screen scraping tools generally scan the existing consumer-facing web portals of financial providers, a small change to a website can create stability issues for screen scraping tools. Continuity of access can become a significant issue for businesses relying upon scraped data. Nevertheless, given the lack of alternatives, screen scraping has been used widely for a number of years.

This is where Open Banking comes into play. The UK legislation that spawned Open Banking has created an ecosystem where specially regulated third parties work directly with banks and financial insitutions to access account data in a more secure and faster way. The FCA ensures that third parties meet strict requirements for information security, while Open Banking has created a standardised way to share data and collect customer consent.

So how does Open Banking overcome the flaws associated with screen scraping? Open Banking was designed to make the process of retrieving customer’s transaction data more safe and secure in order to open up competition in the banking sector.

  • Security: Unlike screen scraping, Open Banking does not require customers to provide passwords to third parties to access accounts on their behalf. This is an important security upgrade that means passwords are not shared with third party providers.
  • Regulation: Open Banking can only be utilised by third party providers specially authorised and regulated by the FCA. Screen scraping is generally unregulated.
  • Speed: Open Banking significantly reduces the time it takes to access account information. Processes that take screen scraping tools up to five minutes can be completed in seconds with Open Banking.
  • Stability: Open Banking connections are made directly between the third party and the bank, greatly improving the continuity of service.

Open Banking was designed to replace screen scraping as a more secure, faster, and better alternative. With the advent of PSD2 legislation coming into effect in September of 2019, screen scraping will no longer be a viable way to access financial institution transaction data. For companies who need or want to access account data but have yet to adopt Open Banking, the looming deadline should push them to adopt this latest innovation in financial technology.

2019: the end of screen scraping?
5922
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

Comments: (3)

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 04 January, 2019, 16:21Be the first to give this comment the thumbs up 0 likes

Nobody allowed screen scraping all this while. Not sure how anybody can ban screen scraping now. Put differently, what exactly will happen after Sep. 2019 when a screen-scraping app does exactly what it has been doing before Sep. 2019?

Contrary to your claim, alternatives to screen scraping have been around for years e.g. OFX file format for downloading statement of account. Kublax, a UK PFM that came and went over a decade ago, had used this technology. But screen scraping (e.g. Mint) has always prevailed over the alternatives for whatever reasons. 

Anyway, in the age of FB-CA fracas and widespread data breaches, enough water has flown under the bridge and I strongly doubt whether basic access mechanisms matter anymore. Open Banking Needs A Blockchain Boost  

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 04 January, 2019, 16:30Be the first to give this comment the thumbs up 0 likes

Re. "Unlike screen scraping, Open Banking does not require customers to provide passwords to third parties to access accounts on their behalf." How exactly, then, will consumer allow third-party app to access his or her bank account? By creating one new password for each API being accessed and sharing only that password with the corresponding 3rd party app?? 

Ralf Ohlhausen
Ralf Ohlhausen - PPRO Financial Ltd - London 07 January, 2019, 08:28Be the first to give this comment the thumbs up 0 likes

The UK version of Open Banking forces customers to do all the authentication and authorisation themselves using the bank's user interface.

Replacing screen scraping with APIs is great, but depriving TPPs from acting on behalf of the customer and automating the payment flow defies the whole point of PSD2 and throws the baby out with the bathwater.

The user experience is the key element here and any single unnecessary screen or click can kill the take up. Don't expect mass adoption as long as consumers are redirected back and forth and have to go through more than one screen.