Open Banking In UAE: Putting Consumers In The Drivers Seat

Published date: .

The UAE is well on its way to cementing itself as a leading technology hub in the region as the drive towards diversifying the economy through technology and innovation continues. Benefitting from a young, tech savvy and entrepreneurial population, Dubai and Abu Dhabi remain the destination of choice for Fintech firms.

Technology-based companies have been identified as key drivers of growth, supported by an advanced technological infrastructure and governmental support, firmly positioning the UAE as a fast-emerging regional hub for start-ups within the financial sector.

In a bid to become part of a connected nation, customers in the UAE are becoming increasingly receptive to alternative payment methods from established technology firms such as Apple Pay, Samsung Pay, Amazon, and Google. There are already a growing number of young people who bypass the traditional financial institutions in favour of transacting exclusively via disruptive mechanisms such as PayPal and bitcoin.

This rapidly advancing technology has taught consumers to demand everyday information instantaneously and with little effort—and now consumers want more control over their money. that is where open banking comes in. As open banking increases in popularity, it is imperative that end users are safeguarded from identity theft and data breaches.

Essentially, open banking is the sharing of financial information from banks to third parties. With consent from the consumer, these third parties can access reams of financial data, such as transaction history and spending behaviour, which was, until now, held solely by the banks. Technologies such as biometric software, government ID document readers, and identity and access management (IAM) solutions all support the secure transition from traditional to open banking interactions.

Users can look forward to a secure environment, delivering identity verification, user authentication, transaction verification, and fraud prevention to create a seamless user experience, regardless of device. Machine learning, and artificial intelligence routines can be used to develop personalised authentication profiles for individuals, creating personalised authentication scenarios.

Ultimately, machine learning creates a personalised risk assessment for each individual, with each authentication need. For example, if there are no suspicious activities for a given user when conducting a transaction, the individual will receive less authentication requests.

The process allows a person to be identified and authenticated based on a set of recognisable and verifiable data, which are unique and specific to them, creating a more seamless and secure user experience. The provision of a secure environment is not simply a response to user requirements but is also a regulatory obligation.

We have seen a sharp rise in cyberattacks and breaches, and the financial services sector is a particularly hot target given the assets it holds. And when Gemalto conducted a survey of 11,000 digital and mobile banking consumers across 14 markets, we found that, 49 per cent of UAE customers would switch their bank if their current bank had experienced a security breach and 52 per cent would switch to a provider with more rigorous measures.

So, regulation calling for greater security and control is, in general, a sensible move in line with what the market is doing anyway. Biometrics remain a key part of the multi-factor authentication mix. Biometric technology as a means of authenticating identity is on the rise and form an integral part of a broader multi-factor set of authentication credentials.

By this we mean that it can play the role of “something you are”, and then you need “something you know”—a passphrase, for example—and something you have, like a physical token. For many relatively low-value transactions, it may well be that a simple biometric reading alone would be sufficient, but if you hit certain thresholds you might trigger a second.

In the near future, a majority of UAE banks plan to offer more biometric solutions to their customers. Within the next five years more than 88 per cent plan to have fingerprint scanning, 67 per cent face recognition and voice recognition is to be used by 64 per cent.

Iris recognition remains the most intricate method, but still an impressive 65 per cent of banks have plans to implement this. Customers are becoming increasingly demanding with increasing expectations from technology. To be truly satisfactory, the digital banking experience needs to go far beyond user friendliness and responsiveness.

The expectation is not only to access core services such as bill payment and transfers but to tap into associated products and services such as loans, saving plans and investment. Open banking provides an opportunity for innovation in a fast-evolving sector.

Banks are adopting an agile approach and are focused on utilising mechanisms to create a new set of customer experiences delivering no only security but convenience. Fintech start-ups are already trying in this vein, using real-time transaction data to build up a careful profile of each customer and offering other, secure, transaction options to customers.

Open banking appears to offer many positives, however, regulators must be careful, as it is not without its risks. The second Payment Services Directive (PSD2) was recently implemented in Europe and is responsible for ensuring that banks adhere to rules and regulations around open banking.

This was a significant move for the payments industry as access to this information will help new entrants create innovative new products and services and ultimately better serve the consumer. Here in the UAE, the Central Bank brought in similar regulations to address payment service providers (PSPs) and the adoption of digital payments across the emirates.

With the transformation underway, strong authentication standards are needed to deliver the promises of open banking and a careful balance between fighting fraud and keeping consumers happy must be struck.