BACKGROUND:
It was reported today that the UK’s financial markets regulator changed the 90-day rule, which required users to re-authenticate their permission for sharing financial data every three months.
This meant that users had to re-authenticate every 90 days on every app and provider they shared their financial data with.
<p>Changing the 90-day rule so that a user can authenticate once for all their banks will help remove friction and drive adoption, which is great for ongoing innovation in the industry and overall usage of open banking. </p>
<p>The change can also be implemented without a material change to the risk profile of Open Banking based activity, which is a further bonus as this will enable it to happen at speed. Ideally, those leveraging Open Banking (and Banks) will still offer their users the ability to easily switch permissions on/off through their apps and not solely rely on the 90-day authentication process. Offering this level of flexibility is key to giving users confidence in sharing their data, safe in the knowledge that they are in control of where it goes, how it is used and can easily change that position if they wish to do so.</p>