Open banking is a financial services term that originated from the concept of open innovation: no secrecy and no centralized authority holding our data in this information age. Things should be transparent, something along the lines of the blockchain philosophy.
Open banking is a shift from a closed to an open banking and financial model. It involves big financial institutions, such as corporate banks, providing customers' financial data, with their approval, to third-party developers via a public API. This is just like how social networks such as Twitter and Facebook provide user data to developers via their RESTful APIs, authenticated and authorized by protocols like OAuth.
According to the Open Banking initiative, banks should ideally implement public APIs using open-source software. This ideology is being adopted by several countries following the open banking models of the EU and the UK.
Open banking gives the end user control over his data. It's an opportunity for him to make the most of his money by providing his data to third-party developers and fintech startups to get better deals, such as loan availability at lower rates, investment advice and assistance with other finance-related matters.
A few other use cases of these third-party apps include a money manager app where the user can fetch his data from his accounts in multiple banks and consolidate all the information in one place to strategize his investments better. Via the app interface, he could also check the availability of functional ATMs of his banks near his location.
Apps and websites enrolled in the Open Banking initiative are to be regulated by a central authority, adhering to strict rules on data security, data protection laws and other operational guidelines.
So, here is how the system works. The flow is just like how we approve our data to be accessed by third-party apps like social games from Facebook or Twitter.
The user installs the third-party app. The app needs user data for its service, so it prompts the user to approve the data access via a login pop-up for the respective bank.
The user enters his details, the bank authenticates the credentials, confirms the user consent via an SMS or an email and provides the data specified by the user to the third-party app via a protocol like OAuth.
OAuth is an open authorization protocol which enables users to grant websites access to their information from other websites without giving them the password.
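The consent flow described above, as an added example that is not code from this write-up or from any bank's API: a minimal in-memory simulation of an OAuth authorization-code exchange in which the app receives only a code and a scoped token, never the password. It goes slightly beyond the text by including PKCE (RFC 7636) and single-use codes; `BankAuthServer`, `s256`, `third_party_app_flow` and the account data are hypothetical names and constructed values.

```python
import base64, hashlib, secrets, time

def s256(verifier):
    # PKCE S256 challenge (RFC 7636): base64url(SHA-256(verifier)), no padding
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")

class BankAuthServer:
    """Hypothetical in-memory stand-in for a bank's authorization server and API."""
    def __init__(self):
        self.codes = {}   # auth code -> (user, scopes, PKCE challenge, expiry)
        self.tokens = {}  # access token -> (user, scopes)
        # Constructed sample data, not from any real bank
        self.accounts = {"alice": {"balance": "1520.00", "transactions": ["-20.00 ATM"]}}

    def authorize(self, user, approved_scopes, code_challenge):
        # Runs only after the user logged in at the bank and confirmed consent.
        code = secrets.token_urlsafe(16)
        self.codes[code] = (user, frozenset(approved_scopes), code_challenge, time.time() + 60)
        return code

    def token(self, code, code_verifier):
        # pop() makes the code single-use, so a replayed code is rejected.
        user, scopes, challenge, expiry = self.codes.pop(code, (None, None, None, 0))
        if user is None or time.time() > expiry:
            raise PermissionError("invalid, reused or expired code")
        if not secrets.compare_digest(s256(code_verifier), challenge):
            raise PermissionError("PKCE verifier mismatch")
        access = secrets.token_urlsafe(32)
        self.tokens[access] = (user, scopes)
        return access

    def api_get(self, access_token, resource):
        # The token only unlocks the data the user approved.
        user, scopes = self.tokens.get(access_token, (None, frozenset()))
        if user is None or resource not in scopes:
            raise PermissionError("token does not cover " + resource)
        return self.accounts[user][resource]

def third_party_app_flow(bank, user, approved_scopes):
    # The app never handles the bank password, only a short-lived code and a token.
    verifier = secrets.token_urlsafe(32)
    code = bank.authorize(user, approved_scopes, s256(verifier))
    return bank.token(code, verifier)

if __name__ == "__main__":
    bank = BankAuthServer()
    tok = third_party_app_flow(bank, "alice", ["balance"])
    print(bank.api_get(tok, "balance"))
```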
Third-party apps consume the public open REST APIs made available by banks to fetch the required information. Here are the links to the open banking standards that the respective countries follow:
United Kingdom, France, New Zealand, Australia, Nigeria
If you wish to read more about the specification, this is a good read.
I am Shivang, the author of this writeup. You can read more about me here.
See you in the next write-up.