cybersecurity

Open banking: how does it work and what are its advantages?

BugHunt

3 min read
Open banking: how does it work and what are its advantages?

Following global trends, open banking—or open finance, as it is also called—has become a reality in Brazil since 2021. Although activities began two years ago, this financial resource still raises many questions among users.

A reflection of this is that a survey conducted by Provu found that 84.5% of people do not know what open banking is. When asked about open finance, only 32% claimed not to know, which is quite curious because the two terms are the same thing.

As you may have noticed, even though open banking has arrived to revolutionize financial transactions in the country, little is known about the topic. So, if you want to understand what open banking is and how it works, keep reading this article!

What is Open Banking?

Open banking—known in Portuguese as "sistema financeiro aberto"—is a system for sharing financial data in a standardized and regulated manner by the Central Bank (BC).

The main goal of open banking is to facilitate transactions between banks and financial institutions, providing users with more autonomy, control, and visibility. Additionally, it aims to stimulate competition among institutions.

Through an integrated platform—called an API—different financial institutions can access customers' data to offer personalized products and services.

It is important to note that this data can only be shared and accessed with the consent of the information holders.

Phases of Open Banking

As mentioned earlier, open banking in Brazil began implementation in 2021. As a result, an action plan with four phases was outlined until the mechanism was fully operational in the country:

  • Phase 1: Institutions made information about their service channels, products, and services available.
  • Phase 2: Consumers were able to share their personal data with desired institutions.
  • Phase 3: Consumers gained access to financial services without needing to visit the institutions they already interact with.
  • Phase 4: New data could be shared, and new products and services, such as currency exchange, investments, insurance, and private pensions, were introduced.

How Does Open Banking Work?

The functions of open banking are divided into two categories: data sharing and payment initiation. Here’s a step-by-step guide for using each function:

Step-by-Step for Data Sharing:

  1. Consent: On the channel of the institution where the user wants to share their information, they choose the source institution, specify which information, and set the consent period.
  2. Redirection (source): The user is redirected to the interface of the data source institution to complete the sharing process.
  3. Authentication: After redirection, the user needs to log in to their account as usual.
  4. Confirmation: At this stage, the user authorizes the sharing.
  5. Redirection (destination): The user is redirected to the channel of the destination institution.
  6. Execution: The information transfer is completed.

Step-by-Step for Payment Initiation:

  1. Initiate Payment: The chosen payment initiation institution requests transaction details and authorization.
  2. Redirection (source): The user is redirected to the institution where they hold the account.
  3. Authentication: After redirection, the user needs to log in to their account as usual.
  4. Confirmation: At this stage, the user authorizes the payment.
  5. Return to Initiator: The user is redirected back to the payment initiator.
  6. Confirm Request: The payment initiator displays confirmation of the payment request.

Which Brazilian Institutions Are Involved?

According to the Central Bank, more than 90 financial institutions and fintechs were registered by October 2021.

Among them are major institutions such as Banco do Brasil, Bradesco, Caixa, Itaú, Santander, Safra, Rede, PicPay, PagSeguro, Nubank, Next, Cielo, Banco XP, and more.

You can check the complete list on the official open finance website in Brazil.

What is the Relationship Between API and Open Banking?

An API—Application Programming Interface in English, or Interface de Programação de Aplicativos in Portuguese—is a tool that enables communication between different systems. In the context of open banking, APIs allow financial institutions to share their data with other organizations in the same sector.

In other words, APIs act as a channel that allows other companies to access a financial institution’s customer data—with the customers' consent, of course.

Advantages of Open Banking

By providing integration between financial institutions, open banking offers unprecedented advantages:

  • Less bureaucracy in adopting new products and services;
  • More empowerment and autonomy for customers;
  • Easier payments;
  • Increased competition among institutions, leading to improved services;
  • Financial inclusion;
  • Development of new solutions;
  • More efficiency and agility in processes.

Is Open Banking Secure?

Yes, open banking is secure! In Brazil, this service is regulated by the Central Bank. Additionally, all open banking data transactions are protected by Complementary Law No. 105/2001, which prohibits sharing information with institutions outside the ecosystem.

Moreover, the General Data Protection Law (LGPD) also oversees and regulates operations conducted through open finance. Therefore, it is crucial for financial institutions to be protected. This preserves customer data and the reputation of the brand.

Here at BugHunt, we have developed a quiz for fintechs to assess their information security. Click here to find out if your fintech is secure!