Cybersecurity Expert Reaction On UK’s Financial Regulator Scraps 90-day Authentication Rule

By   ISBuzz Team
Writer , Information Security Buzz | Dec 01, 2021 03:23 am PST


It was reported today that the UK’s financial markets regulator changed the 90-day rule, which required users to re-authenticate their permission for sharing financial data every three months. 

This meant that users had to re-authenticate every 90 days on every app and provider they shared their financial data with. 

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Andy Renshaw
Andy Renshaw , VP of Payments Strategy & Solutions
December 1, 2021 11:24 am

<p>Changing the 90-day rule so that a user can authenticate once for all their banks will help remove friction and drive adoption, which is great for ongoing innovation in the industry and overall usage of open banking. </p>
<p>The change can also be implemented without a material change to the risk profile of Open Banking based activity, which is a further bonus as this will enable it to happen at speed. Ideally, those leveraging Open Banking (and Banks) will still offer their users the ability to easily switch permissions on/off through their apps and not solely rely on the 90-day authentication process. Offering this level of flexibility is key to giving users confidence in sharing their data, safe in the knowledge that they are in control of where it goes, how it is used and can easily change that position if they wish to do so.</p>

Last edited 2 years ago by Andy Renshaw

Recent Posts

Would love your thoughts, please comment.x