Confidential open banking | SILENTDATA
Desk with office tools and an smartphone showing a lock screen

Article

Feb 25, 2021

Confidential open banking

We’ve combined two great inventions: Confidential Computing and Open Banking to create Confidential Open Banking.

What is Open Banking?

Open Banking is an initiative led by regulators and banks to enable third party app developers to access bank customer data and initiate bank payments. Open Banking provides access to customer banking data with their consent.

Regulators introduced Open Banking to break the monopoly that banks have on customer financial data, and enable and encourage a competitive eco-system of FinTech companies to try to better understand customers and offer more compelling services. The key to enabling competition is providing these FinTech startups with access to customer’s financial history so that they can offer tailor made solutions.

Regulators in the UK, EU and Australia in particular have required major banks to enable open banking, and in the UK this is already used by 2 million banking customers.

What is wrong with Open Banking?

The problem with Open Banking is that it provides access to customer data. Any sensitive data that is shared through Open Banking is revealed to a third party app developer, and they are able to store it, process it and continue to retrieve it for up to 90 days.

The spreading of sensitive data is never a good thing. Cyber attacks and identity fraud have unfortunately become regular occurrences for many individuals and organisations. A well publicised example is the series of Experian cyber attacks where over 150m customer records were stolen by hackers.

Having our sensitive banking data collected and stored by additional organizations, even with our consent, increases the risk of theft and fraud.

This is one of the reasons why many people are hesitant when presented with the bank account login screen as part of the Open Banking user experience.

What is Confidential Computing?

Confidential Computing is a new technology developed by hardware chip manufacturers, such as Intel, that enables data to be processed on a computer without the owner or administrator of the device having access to any of the data.

Confidential Computing enables someone to process your data on your behalf without having any access to the data. The data protection is provided by hardware, a bit like the Apple Pay wallet in your iPhone, which makes it even harder for a malicious actor to breach.

What is Confidential Open Banking?

Confidential Open Banking, as implemented by SILENTDATA, is the combination of Open Banking and Confidential Computing technologies such that the Open Banking data is retrieved directly into a Confidential Computing platform, and the sensitive data is processed but never revealed, not even to the host of the platform.

This provides the best of both worlds:

  • Open Banking technology can be used to provide additional financial services;
  • The data is never revealed, and therefore remains protected from theft or fraud.

We believe that today, too much of our data is shared and distributed across the internet leaving ourselves and our organisations vulnerable to cyber criminals.

SILENTDATA enables us to move forward with innovation and competition, without the need to compromise and risk our security.

Why is it Useful?

SILENTDATA can be used for:

  • Verifying bank account ownership;
  • Checking if a party has sufficient funds available to undertake a transaction;
  • Checking whether an individual or company has regular and consistent income over time;
  • Asking for proof that a specific transaction has been made.

The platform enables queries to be made on bank accounts without the banks having to make any changes to their systems to support those queries, and without having anyone else gaining access to the customer’s data.

  • Bank can use this for mortgage affordability checks;
  • Lawyers can use it understand if deals are ready to be completed;
  • Finance teams can use this to verify bank account details and avoid invoice fraud;

No one receives one byte of data more than is absolutely necessary.

What are the alternatives?

If you don’t use SILENTDATA for Open Banking and your business bank account data gets into the wrong hands:

  • Customers might see your payments to suppliers and understand your underlying costs;
  • Suppliers might see what you’re paying other suppliers;
  • Employees might see what other employees are getting;
  • You’d lose all of your negotiation leverage and most of your margin.