Banks, Fintech Firms Form Organization to Promote Secure Data Sharing
Big banks and fintechs joined together this week to form a new non-profit, the Financial Data Exchange, a subsidiary of FS-ISAC, designed to promote a consistent standard for data sharing and security.
Big banks like Bank of America and Wells Fargo, financial services firms like Charles Schwab and Fidelity Investments united this week to form a coalition designed to better facilitate data sharing, and ensure users have control and security of their data.
The group, Financial Data Exchange (FDX) was formed Thursday as a subsidiary of the Financial Services Information Sharing and Analysis Center (FS-ISAC).
The goal of the non-profit is to gain traction around an API, the Durable Data API, first publicized by FS-ISAC in February. The aim of the free API is to make it easier for financial institutions and data aggregators to share data. With the API when a user wants to set up or add a bank account, they're passed to a secure server, presented with a consent page where they authorize that their data can be shared, then passed back to the financial application.
"Data sharing between financial application servers and financial institution servers is then done securely via a unique virtual token that identifies the consumer and their respective accounts," FS-ISAC said of the API earlier this year.
"The launch of FDX marks an industry turning-point toward the standardization of more secure financial data sharing," said Lila Fakhraie, co-chair of FDX and manager of the Digital Banking API team said Thursday, "Our efforts will improve the efficiency and security around the exchange of financial information and empower consumers to control exactly what account data is shared with third-party applications."
The group says one of the benefits of the API is the ability to do away with screen scraping and requiring login credentials, processes financial services companies usually follow to retrieve account information.
That FDX was able to land so many firms - in addition to the aforementioned, Experian, JPMorgan Chase, TD Bank, and USAA are also behind the initiative - lends credence to the API.
The formation of the group makes sense, especially in light of the public’s heightened concern around personal data and who has access to it.
Out of 17 industries, after healthcare, the financial services industry has the highest cost-per-record when it comes to breaches. Financial services organizations pay $206 per record, 29 percent more than the global average, according to IBM and Ponemon's latest Cost of a Data Breach report. The research firm Accenture, which released a similar report this year, said the cost of cybercrime has increased by over 40 percent over the last three years.