Financial industry unites to enhance data security, innovation and consumer control

Financial institutions, fintech firms and industry groups launched the Financial Data Exchange (FDX), a non-profit organization to unify the financial sector around the secure exchange of financial data. FDX will address common challenges around the way the industry shares consumer account information to enhance security, innovation and consumer controls. FDX is a subsidiary of the Financial Services Information Sharing and Analysis Center (FS-ISAC).

As digitization has impacted every industry, consumers expect protection of their personal information. Nearly two-thirds of respondents said they are concerned about data privacy when using fintech apps, according to a 2018 survey of 1,500 U.S. consumers conducted by The Clearing House (TCH). Fifty-six percent said they want to control which financial accounts and types of data that third parties can access.

Federal financial regulators and other government agencies have encouraged efforts to enhance security, privacy and innovation. In response, FDX has introduced an interoperable standard and operating framework centered on an application programming interface (API), called the Durable Data API or DDA, unveiled by FS-ISAC earlier this year.

DDA will benefit consumers, financial institutions and fintech companies. Consumers will have control over their personal financial data through access authorization options. When permissioned by consumers, financial institutions will have a process for securely sharing consumer data with fintech and other companies. Fintech companies will be able to access consumer financial information and provide services that consumers want.

DDA will replace the need for screen scraping and credential sharing – both commonly used today. Screen-scraping is third-party use of consumer log-in information to access accounts and “scrape” data to provide services. Adoption of DDA reduces instances of consumer login credentials being stored by fintechs, who will only retrieve account information essential to their services.

“The launch of FDX marks an industry turning-point toward the standardization of more secure financial data sharing,” said Lila Fakhraie, co-chair of FDX and manager of the Digital Banking API team, including the data sharing program, at Wells Fargo.

“Our efforts will improve the efficiency and security around the exchange of financial information and empower consumers to control exactly what account data is shared with third-party applications.”

FDX’s board of directors comprises: Bank of America, BB&T, Capital One, Charles Schwab, Citigroup, Experian, Fannie Mae, Fidelity Investments, Finicity, FS-ISAC, Intuit, JPMorgan Chase, PNC Bank, N.A., Quicken Loans, SIFMA, TD Bank, TCH, USAA, U.S. Bank, Wells Fargo, Xero and Yodlee.

“Together, we will fundamentally change financial data sharing while helping consumers and businesses use data to make better financial decisions,” said Steve Smith, co-chair of FDX and CEO of Finicity. “By settling questions of standardization and interoperability, FDX will allow industry to focus on serving their customers and create a strong foundation to encourage innovation.”

To support use of DDA, FDX has constructed an operating framework, policies, membership and developer support. Membership is now open to financial institutions, fintech companies and industry groups who wish to support the development of protocols for data sharing, security standards, and other FDX activities.