Revisiting Open Banking with Privacy Preserving Technologies

Open Finance is entering a pivotal phase of growth, where the realization of its full potential depends on a deeper respect for consent and data privacy. These elements are becoming increasingly essential to encourage data custodians to participate, thereby driving the industry toward socially optimal outcomes.I believe that Privacy-Enhancing Technologies (PETs), such as the proposed solution leveraging Multi-Party Computation (MPC), are both highly relevant and immediately implementable. I support the idea of FIUs and TSPs forming closer partnerships to implement PETs. By doing so, they will enable the responsible use of data, ensuring secure participation in computations without compromising privacy

As the Account Aggregator framework expands and its usage increases, the importance of safeguarding the system against data leaks and misuse becomes paramount. The adoption of the Multi-Party Computation (MPC) method marks a significant advancement in protecting user data. It ensures that access is granted strictly when necessary, and sensitive details are not exposed to entities that do not require them. As an FIU, Fold recognizes the potential of such technologies to enhance security and remain committed to implementing these measures responsibly to maintain trust and ensure privacy within the ecosystem.

There’s a strong need for a privacy preserving compute layer to support data minimisation and to mitigate any potential malicious use of data for which end users had not consented. However, any intermediate layer would add a compute cost, add to the latency of data and insight delivery and would be a cost overhead to FIUs. All FIUs therefore need to be sensitised on the same and need to be on the same page for why implementation of such a layer is beneficial in the short and long term. Incentives need to be aligned for all stakeholders and we need to instil more trust in these open networks. Privacy preserving techniques like multiparty compute can provide us just that. At Finarkein, as an early adopter and enabler of the AA ecosystem, we have followed Privacy preserving techniques from day zero such as in-memory data processing only, complete data encryption in transit and at rest and no storage of data whatsoever.