这里我们必须先帮大家厘清一个问题，也就是Open Banking与open banking的区别。
首先，所谓的Open Banking (包括PSD2等类似法律)是一种拯救银行业的新规，而且其实并不受到银行欢迎，目前也很少为消费者所知。现有的媒体报道大多都是负面的，有关安全与隐私担忧等问题都亟需积极调整。
总而言之，Open Banking法规生效还需时日，而open banking营商模式则在快速塑造着新一代的金融模式。Open Banking有望在未来为新金融模式提供法律保障，而open banking则将会为推动未来金融监管提供更多的监管视角和需求。
PSD2 and Open Banking went live in Europe and the UK on Saturday, in what may prove to be one of the most transformational moments in banking in decades.
In the UK, there have been a few challenges to implementation, including a handful of the country’s largest banks not managing to make the required system changes in time. Furthermore, across Europe, in a rather bizarrely phased rollout, the technical standards that banks must meet in order to comply with the legislation are still being developed and won’t become mandatory until 2019.
In an admirable (if accidental) case of legislative foresight, PSD2/Open Banking may be the law that saves banking. Initially challenged by disruptive fintechs post-2008, and more recently by the likes of Google, Amazon and Facebook, banks are being forced to modernise their business models before they become obsolete.
Which brings us to the important distinction between Open Banking (the legislation) and open banking (the strategy of bringing modern, open, tech-forward business models to financial services). The former is a directive largely disliked by banks and ignored by consumers, while the latter underpins the current wave of open and connected banks, fintechs and big tech firms transforming financial services.
The lead-up to the PSD2/Open Banking launch was confused, and coordinated communication to consumers outlining the changes hasn’t been forthcoming. So far, media coverage has been largely negative, highlighting security and privacy concerns rather than the massive customer benefits the legislation enables. Unfortunately, these concerns are valid.
With banks slow to complete the technical development required to fully comply with new legislation, risky interim measures have been put in place. ‘Screen scraping’, which requires customers to divulge passwords to third parties, is the interim method for PSD2 compliance. According to Megan Caywood, chief platform officer at Starling Bank, “in many cases, banks are sending their customers information saying ‘share your log-on credentials’ with third parties”.
APIs, on the other hand, offer security enhancements and functionality improvements over screen scraping. “Whenever you’re doing screen scraping, you’re giving a third party your log-in credentials so they can access all of your bank data,” says Megan. “APIs are nice because they share information securely, and they also give you granular control of the data that’s shared. Screen scraping says take my log-on credentials and access all of my bank data.”
There’s significant work left to do in order to get PSD2/Open Banking right, but it’s a mistake to be overly focused on legislative changes. While the media rages, incumbent banks delay and customers puzzle over the new laws, fintech and big tech players such as Bud, TransferWise, Tandem, Starling, Monzo, Google, Apple, Amazon and many others are making quiet progress towards creating a very different financial services industry.
While Open Banking (the legislation) takes its time to take effect, open banking (the business model) is rapidly shaping the future of finance.