|
The European Banking Federation has asked the European Commission not to dismiss a key recommendation by the European Banking Authority (EBA) on future electronic payments in the European Union. The EBF fears that the privacy of client data, cybersecurity and innovation are put at risk if the Commission does not fully endorse the EBA standards.
PSD2 introduces a general security upgrade for third-party access to a client’s data, bringing an end to practices known as ‘screen-scraping’ [VIDEO]. Such services, seen as a first-generation direct access technology, let third parties access bank accounts on a client’s behalf by impersonating while using their access credentials. PSD2 calls for the creation of a technology-neutral level-playing field for banks and fintechs, new and old.
The proposal requires banks to opt for either creating a ‘dedicated interface’ that lets third parties access bank accounts on behalf of clients, or to upgrade their client interface. These solutions would replace the old practice of screen-scraping. They ensure the continuation of direct access services in the EU in a secure way by empowering clients to decide for themselves which data can be accessed by third parties. The EBF sees the EBA standards as a common solution that ensures security and as a significant catalyst for innovation into the future in the European payments market, fully compliant with the EU’s General Data Protection Regulation (GDPR).
The European Commission appears to be willing to go against the EBA advice and may let screen-scraping continue by requiring banks to accept screen-scraping as an additional mandatory direct access method, forcing banks to maintain at least two interfaces. Banks are deeply concerned over this development and fear that such a choice would harm the development of electronic payment services. It would come at the expense of innovation in payment services and would make it more difficult to protect the privacy of account holders.