Open Banking vs. Screen Scraping: looking ahead in 2019

The sharing of customer transactional data in the UK will undergo a significant change in September 2019, with legislation coming into effect due to end the decade old practice of screen scraping.

In the past, screen scraping allowed third party companies to access financial transaction data by logging into digital portals on behalf of a financial institutions' customers. Typically screen scraping involves the third party company creating a mirrored login page, which looks and feels similar to a bank or credit card online login page. The customer enters their login details, passwords and additional security measures like memorable name, which the third party can use to log in as the customer. Once logged into the account as the customer, screen scraping tools copy available data to an external database and can be used outside of the financial institution.

Within the financial sector, this technology has been used by lenders, financial management apps, personal finance dashboards, and accounting products to retrieve customers’ financial data with their consent. For example, a budgeting app uses screen scraping to retrieve the incoming and outgoing transactions in a user’s bank account, powering the analysis it provides on top of this data.

Despite the usefulness of this technology, shortcomings remain in security and speed. Large pools of data can take screen scraping tools 5–10 minutes to retrieve. Passwords and additional security information, once passed to a third party, becomes more vulnerable to loss. As screen scraping tools generally scan the existing consumer-facing web portals of financial providers, a small change to a website can create stability issues for screen scraping tools. Continuity of access can become a significant issue for businesses relying upon scraped data. Nevertheless, given the lack of alternatives, screen scraping has been used widely for a number of years.

This is where Open Banking comes into play. The UK legislation that spawned Open Banking has created an ecosystem where specially regulated third parties work directly with banks and financial insitutions to access account data in a more secure and faster way. The FCA ensures that third parties meet strict requirements for information security, while Open Banking has created a standardised way to share data and collect customer consent.

So how does Open Banking overcome the flaws associated with screen scraping? Open Banking was designed to make the process of retrieving customer’s transaction data more safe and secure in order to open up competition in the banking sector.

• Security: Unlike screen scraping, Open Banking does not require customers to provide passwords to third parties to access accounts on their behalf. This is an important security upgrade that means passwords are not shared with third party providers.
• Regulation: Open Banking can only be utilised by third party providers specially authorised and regulated by the FCA. Screen scraping is generally unregulated.
• Speed: Open Banking significantly reduces the time it takes to access account information. Processes that take screen scraping tools up to five minutes can be completed in seconds with Open Banking.
• Stability: Open Banking connections are made directly between the third party and the bank, greatly improving the continuity of service.

Open Banking was designed to replace screen scraping as a more secure, faster, and better alternative. With the advent of PSD2 legislation coming into effect in September of 2019, screen scraping will no longer be a viable way to access financial institution transaction data. For companies who need or want to access account data but have yet to adopt Open Banking, the looming deadline should push them to adopt this latest innovation in financial technology.