Blog article
See all stories »

Open banking opens the door to fraudulent activity. How can it be combatted?

Open banking not only opens up a world of opportunity for financial services companies seeking to improve the customer experience, but also presents a potential gold mine for fraudsters, particularly through identity fraud.

With more financial institutions than ever before sharing customer data in the open banking world, some of it fraudulent, there’s a danger other banks could be ‘infected’ with this data and lose, along with customers who have had their ID stolen, a significant amount of money as a result.

The statistics on ID fraud make for sobering reading. Cifas, the fraud prevention service, highlights that the number of identity frauds reported by its members in the UK are currently fluctuating at around 175,000 cases per year over the last couple of years. Meanwhile, UK Finance found that in the first half of 2018 £500 million was stolen from the customers of British banks.

A major issue for bank service providers is that there’s no single source of ID verifiable data to use. Instead banks need access to many different streams of data to be KYC compliant. This means it’s vital to have access to the most up to date, relevant data, from multiple sources of billions of global contact records. This should be data from trusted reference data sources, such as credit agency, government agency, utility company and international watchlist data.  

Those that obtain data from a limited number of sources could find themselves with an incomplete reference data set, one that could have errors due to mistakes from manually inputted data that impacts on the effectiveness of the data for fraud prevention.

When sourcing data for ID verification it’s equally important that the data doesn’t just verify but enriches and improves the customer data, to help deliver a 360-degree single customer view (SCV) that will also aid your future marketing and sales efforts. It could be data that adds an additional contact phone number or completes the missing parts of a postal address.

Don’t forget that biometric data can play an important role too. Banks should take a serious look at the latest facial recognition and other biometric technology to help confirm the customer’s identity, that speeds up the verification process and therefore improves the customer experience.

What is becoming increasingly important is ‘proof of life’ in biometrics, particularly with interactions between banks and their customers more commonly taking place online. For example, is the entity the bank is communicating with a real live individual, or an image of someone, or even a sophisticated avatar? And does this captured image match their ID photo also on the system? Biometric technology such as this will avoid time consuming security questions prior to the start of the interaction.

Banks must always deliver a good customer experience when onboarding new customers as well as to existing customers accessing their accounts. This is where the importance of having the appropriate depth of ID data and biometric technology can play a key role in an increasingly competitive open banking world. The ‘survivors’ will be those that enhance the customer journey whilst maintaining strong due diligence over the customer data in their systems. In fact, such due diligence ensures you become the source of trusted identity your customers use for all of their digital banking activities – vital if you want to grow and prosper in the open banking age.

It’s time for banks to embrace the open banking world without fear of fraud and offer a great customer experience that helps them stay ahead of the competition. Today, with the appropriate depth of data available for effective KYC compliance from cloud service providers and improving biometric technology, that’s possible.



Comments: (1)

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 01 February, 2019, 18:22Be the first to give this comment the thumbs up 0 likes

When I raised this subject a few months ago on the pages of Finextra, someone pointed out that all TPPs with whom banks share customer data under Open Banking are thoroughly vetted by the regulator, so there's virtually no scope of identity theft / fraud. I'm somewhat perplexed to hear the opposite perspective. 

Barley Laing

Barley Laing

UK Managing Director


Member since

28 Jan 2019



Blog posts


This post is from a series of posts in the group:

Banking Strategy, Digital and Transformation

Latest thinking in respect to Banking Strategy, Digital and Transformation. Harnessing our collective wisdom to make banking better. Ambrish Parmar

See all

Now hiring