if you didn't know, Open Banking is a top topic in development today. The hype is validated and driven by digital transformation and the modernization of applications to manage customer access and consent, and the need to dynamically share data within the business and partner ecosystems. Open Banking enables customers, partners and employees to access applications, data and services regardless of their location, device or network.
We had the opportunity to chat with Jasen Meece, CEO of Cloudentity, a hot Seattle-based cybersecurity company focused on dynamic authorization, to discuss the company's investment in advancing Open Banking and their new partnership with identity giant Okta.
How has Open Banking transformed over the past few years? How has banking security evolved along with it?
The Open Banking revolution started when new regulations, such as Open Banking Europe (OBE), were formed in 2017 to foster innovation, competition and efficiency, increasing consumer choice and enhancing security for online payments. Following that, the U.S. created the Financial Data Exchange (FDX), a consortium of providers around a common standard for secure access to financial data. Today, there has been a spike in software companies founded with the purpose of creating a new method for digital-first consumers to do banking and manage personal finances. Banks have also embarked on the same journey by introducing similar types of mobile apps designed to make customers’ financial lives more productive and seamless.
Without consumer trust and strict security guardrails, the API Economy would not be successful. When people or businesses share sensitive personal or financial details between various third-parties, services, apps and websites, they expect it to be done securely to reduce the risk of theft, fraud and unauthorized use. That is why governing and enforcing policy and consent management at the API level is required for Open Banking security.
What are the advantages of Open Banking?
The new API Economy has created a gold rush for app developers working to build what will become the next generation of financial platforms. Open Banking provides a standardized way for traditional banks and next-gen fintech startups, such as Venmo, Mint and SoFi, to create value-added services that can provide a richer, more secure customer experience while allowing the customer to be in control of their digital identity. Some real-world examples include allowing consumers to manage their personal finances and transfer money across multiple banks, credit cards or investment accounts or sharing credit information to get access to competitive insurance offers. Open Banking-compliant apps can provide small businesses access to cheaper loans for businesses and the ability to manage money quickly and easily. In addition to the consumer benefits, app developers benefit from open, standardized APIs to financial information that powers their products without relying on screen scraping or other substandard means of collecting information that frequently leads to service disruption and technical debt. Most importantly, it puts the power in the hands of the consumer to manage how, when and with whom their personal information is shared to enable those valued-added services.
How does this new partnership with Okta play into the evolution of Open Banking?
Well-built Open Banking compliant APIs, along with authentication and authorization policy governance and enforcement at scale are essential to enabling businesses to participate in the growing API economy. Cloudentity’s partnership with leading workforce and consumer identity and access management provider (CIAM) Okta will provide the industry’s first reference architecture to deliver on the promises of Open Banking by combining world-class customer identity with fine-grained authorization policy and consent management that reduces the barrier to entry for established brands and next-gen fintech companies. By providing a simple solution that can integrate with existing infrastructures, we believe the joint offering will help drive adoption of the Open Banking standard and pave the way for other Open Data standards that can leverage the same model.
What are the benefits that your customers will see as a result of this partnership?
With the increased ability for customers to share their personal and banking data with trusted third-party providers (TPP), the opportunity for traditional banks and smaller financial companies to offer competitive services has grown exponentially. Cloudentity and Okta’s partnership significantly reduces time to market for secure API-driven service development and “shifts security left” in the development process reducing potential application vulnerabilities. This integrated solution simplifies the process of onboarding APIs and cloud services onto Okta’s CIAM ecosystem and establishes a governance layer across all APIs and services with a single pane of glass, providing visibility across customer’s entire hybrid, multi-cloud identity and API gateway infrastructure. Cloudentity’s Authorization Control Plane (ACP) allows customers to manage the lifecycle of policies to meet the needs of heavily regulated industries, such as banking and healthcare, while providing real-time policy decisions and enforcement at the service edge for high-scale, transactional authorization.