Sharing of banking data has been a service provided in Australia in an unregulated capacity for many years. Open Banking has formalised this capability via the Consumer Data Right (CDR) that is mandated and regulated by the Australian Government.
Let’s touch on some factors that contribute to the safety and security of CDR Open Banking for consumers.
Consumers have full control over their banking data
Consumers must provide explicit consent before their data is shared with third-party providers. They have the ability to choose what data is shared, for what purpose and for how long. They can also revoke consent at any time, giving them greater control over their information.
Strong authentication that does not include password sharing
Open Banking requires strong customer authentication to prevent unauthorised access. Unlike screen scraping it doesn’t involve customers sharing their online banking password, and instead uses some form of Multi Factor Authentication such as a mobile SMS or in app verification code.
Sharing data via secure banking APIs
Open Banking relies on secure Application Programming Interfaces (APIs) for data sharing between Data Holders (such as banks) and Data Recipients (such as third party apps). These APIs follow strict security specifications such as Financial-grade API (FAPI) and standards such as OAuth 2.0 and OpenID Connect to ensure data is transmitted securely.
Consumers are protected by strict privacy regulations
Open Banking operates under strict privacy regulations, including the Privacy Act 1988 and the Australian Privacy Principles. Data Holders and Data Recipients are required to handle consumer data responsibly, ensuring its confidentiality, integrity, and protection. They must have robust data protection measures in place to safeguard against breaches or unauthorised use.
Compliance is regulated by the ACCC
Open Banking in Australia is regulated by the Australian Competition and Consumer Commission (ACCC) and Office of the Australian Information Commissioner (OAIC). These regulatory bodies ensure that Data Holders and Data Recipients adhere to security standards and compliance requirements. Ongoing monitoring and auditing help identify any vulnerabilities or risks and ensure the safety of consumer data.
Ongoing Government commitment to security
Finally, the government is maintaining it’s investment in a safer digital future, this year’s Federal Budget included a further investment in the Consumer Data Right of $88.8 million over two years, with a focus on several areas including:
- cyber security improvements across all CDR agencies to reflect the evolving data landscape. This includes constant assessment and updates to the security standards adopted.
- expanding awareness of the CDR brand as a trusted, safer data-sharing model that allows consumers to easily identify CDR-enabled providers, products and services. Consumers will become more security aware when sharing their data and will be choosing CDR data share options over less secure alternatives.
Learn more about Open Banking
If you’re keen to learn more about Open Banking, check out Basiq’s Open Banking Hub or get in touch with our friendly team!
Article Sources
Basiq mandates its writers to leverage primary sources such as internal data, industry research, white papers, and government data for their content. They also consult with industry professionals for added insights. Rigorous research, review, and fact-checking processes are employed to uphold accuracy and ethical standards, while valuing reader engagement and adopting inclusive language. Continuous updates are made to reflect current financial technology trends. You can delve into the principles we adhere to for ensuring reliable, actionable content in our editorial policy.