Data Aggregation – Part Two of Two – Use Cases in Europe
Customers’ data is much more secure in Europe than in the United States, in large part due to regulations such as the Payment Services Directive 2 (PSD2). As we describe, PSD2 has the potential to drive significant economic contributions and creates an environment ripe with investment opportunities.
While the US Aggregation (aka Screen Scraping) Market will be an AI landgrab, as outlined in our last post, PSD2, a game-changing European Union directive, will create guardrails in Europe around customer data and enforce practical limitations on AI data abuse in Financial Services.
Specifically, PSD2 has dramatically reshaped the financial services ecosystem within the European Economic Area (EEA). Unlike the American Screen Scraping method, often associated with the risk-taking strategies of Silicon Valley firms, PSD2 champions a more secure, accountable, and customer-centric approach.
Screen Scraping, which has been broadly adopted in the US, allows third-party providers to access customer data by effectively impersonating the user. This process involves storing and utilizing user credentials, which inherently carries substantial security risks. Furthermore, the method does not provide robust guarantees against potential misuse of customer data by AI or other technologies. This approach has been criticized for its cavalier attitude towards user data protection, despite its widespread use among the innovators of Silicon Valley.
In stark contrast, PSD2 has shifted the narrative, focusing on secure communication interfaces that permit third-party providers access to customer data without requiring direct access to user credentials. The directive mandates Strong Customer Authentication (SCA) at every transaction stage, ensuring the user’s identity is consistently verified. This authentication measure dramatically mitigates fraud and reinforces the overall security of customer data.
The European Banking Authority expects the volume of data exchanged under PSD2 to reach a staggering 100 billion transactions per year by 2023. This scale of data exchange doesn’t just serve financial innovation, but also has an unwavering commitment to customer security.
Economic impact projections by PWC in 2016 suggested that PSD2 could generate a revenue opportunity of €10-20 billion for the European banking and payments markets. This potential financial boom further underlines PSD2’s significant economic contribution and its pioneering stance.
For Financial Institutions and Personal Financial Management Apps, PSD2 allows for users to benefit from AI tools and knowledge at the same time protects against sensitive personal data becoming coupled or revealed. If the same regulators who brought PSD2 forward continue to be ahead of the curve, we can expect that they will identify practical ways to continue to embrace open data that protects customers interests while also giving customers the best tools and knowledge available via AI.
PSD2 is a trailblazer in offering a secure, accountable, and customer-centric alternative to the riskier Screen Scraping approach. Along with its rigorous adherence to GDPR, which demands advanced data protection measures, including data minimization and anonymization techniques when it comes to AI processing, PSD2 ensures that customer data remains secure in the era of advanced AI technologies, reinforcing its commitment to customer data protection and the broader evolution of a safe and innovative financial ecosystem.
We at Joffre are closely following this space as we look to identify new defensible technologies as they emerge. Stay tuned for part 3 of this series on data aggregation.