Behind the scenes and underpinning modern financial technology is data. Consumers want to access their financial data in the apps they prefer and fintech and incumbent financial institutions are opening up sharing this info. There’s a move to standardize the data format and how it’s accessed.
Don Cardinal is the managing director of FDX, a non-profit financial industry organization that promotes a common interoperable standard for securely sharing consumer financial data. He joins us on the podcast to discuss the FDX and what the implications of the FDX standards mean for the fintech industry, FIs and consumers.
What FDX does
Let's say you're using Mint to look at your 401(k)s from a few jobs ago. Right now for Mint to do that, it needs your IDs and passwords for your custodians. Sharing that in today's cyber world is probably not the best idea. FDX is working on a new mechanism so that Mint never has to hold that ID or password. It passes the session over to the financial institution to authenticate on the same rails it does today. It hands back a series of tokens so that Mint can go pull that data down without ever touching a user's credentials. If they don't hold it, they can't lose it.
History of financial data standards
OFX was our predecessor standard and was started in the nineties. We've made some improvements upon it and added additional data elements. I think we have more structure around it, so it's a more formal organization. We just had OFX join FDX as a working group, so we're going to harmonize those standards.
The idea of standardizing financial data has been around for a while. If you had to do this today using the best tools around the planet, how would you do it? FDX is how you would do it.
Implications of standardizing across the industry for fintechs
If you're a fintech, to grab data, you have to go through an aggregator or get it directly from a financial institution that are constantly changing their interfaces. Invariably, you have interruptions to your data. This is the raw material for a fintech. Having an API to go to means you have an always available interface -- constant supply of raw materials.
Instead of screen scraping, the API spells out exactly what each element means in the data. That means you can make a reliable decision about what each element means. For example, if you wanted to know the balance on a credit card, it could be your statement, current, or promotional balance -- all of them are a different number and it can have a bad impact on a credit decision.
Implications of standardizing across the industry for banks
Banks like APIs because screen scraping is very burdensome and resource intensive. Moving all this traffic off the front door to an API is a full order of magnitude more efficient. It saves them spending on hardware. It also lowers risk because consumers aren't sharing IDs and passwords. And because API data sets are well defined, any data at risk is known and defined.
It's really in everyone's best interest to do this.
Hurdles to standardization
We have thousands of FIs and fintechs in the U.S. For a standard to work, we all need to agree that field one is balance and field two is date...It's a very collegial group. We have almost 60 organizations as members and 24 board members -- big banks, small banks, core processors, fintechs and even academics.
When we talk about how do we do this, it's do we do this? How do we serve our joint customers? It's people solving problems. It's just a matter of prioritization. If you're a tax firm, you want the tax fields next in line. If you are a budgeting firm, you want the budgeting fields. That's OK and part of it.
The data ecosystem
The use case is generally a fintech app that uses a data aggregator to make calls against a financial institution or data source to pull data. So, to the extent that we're trying to solve held-away credentials and screen scraping, I think we're all aligned around a common purpose.
We have some core principles. Consumers need to be in control of their data, which data they share with whom and for how long. Access needs to be as frictionless and reliable as possible. This all has to be done with transparency -- having visibility into what data is being shared. It's visible to the user and they don't lose sight of it.
Another principle we have is traceability -- something the industry doesn't talk about a lot. That chain of sharing data should be visible to the players, so that if there is ever an issue, we can triage it.
Underlying everything is security. It's one of our main working groups. I think our white paper is probably a must-read for anyone sharing financial data. It underpins the trust the whole ecosystem needs to have.
Finance in the future
Every time we talk about the future, we generally say it's like today but better and faster. Consider Experian Boost -- the idea of using alternative data to influence and improve your credit score. If you have reliable financial data from a variety of firms, you can now offer add-on or entirely new services that we hadn't even thought of years ago.
We already have a couple of million people on our API. With a reliable API, a small fintech doesn't face the same barriers to entry. You don't have to build a lot of things from scratch when resources are scarce.
I see this lowering the barriers to innovation. I see good, reliable, secure data enabling a lot of net new things for everyone.