By David Poole, Business Development Director, MYPINPAD
2016 was a year of significant change. It was also a year where predictions, from the winner of the US election to the outcome of the UK European referendum, were proved incorrect.
However, this does not mean that we cannot look at financial trends from 2016 and expected changes and developments in 2017 and reach conclusions as to what we can expect.
Whilst 2016 didn’t see a breach of the same scale as those that attacked the Office of Personnel Management, Target or Sony during 2015, multiple attacks targeting personal information, federal agencies, health-care organisations and telecom providers did occur.
According to the Identity Theft Resource Centre, there were 522 reported breaches by the middle of July2016, exposing more than 13 million records.In addition, the likelihood of a material data breach involving 10,000 lost or stolen records in the next 24 months has risen to 26%.
Overall, not only have data breaches become more frequent, but their impact has become greater both in terms of the volume of data stolen, andin its sensitive nature.Once a data breach occurs the consequences for the affected organisation can be life-changing. For instance, IBM’s eleventh annual Cost of a Data Breach Study (2016) revealed that the average consolidated total cost of a data breach for the affected company is roughlyis $4 million.
Most companies are already embracing the urgency that this scenario presents and how they can better improve their security, but some are sometimes slow to take steps that will delay internal processes or hinder customer experience.
Nonetheless, data breaches aren’t going anywhere and we will expect to see more organisations in 2017 implementing more preventive and defensive security methods, as well as new technologies being developed and implemented for this purpose. Many companies will focus on employing stronger and multi-layered authentication, as encouraged by the Second Payments Directive (PSD2), which will also mean that even if they face some inevitable breaches, access to accounts will be nullified as the stolen partial information won’t be enough to be usable.
The Second EU Payment Services Directive will have a significant impact on financial services in 2017. The Directive is more than simply making accessing financial services convenient and safe. It is also designed to make it easier for new entrants to access the market.
PSD2 will introduce Access-to-Accounts, which gives Third Party Providers (TPPs) direct access to consumers’ accounts. This also means that consumers’ card details don’t need to be shared online when making purchases.
Banks will have to provide TPPs direct access to Payments for Payment Initiation and Account Information Services through an application programme interface (API).. They will also need to ensure that they have the appropriate security measures in place to prevent fraud and also to respect consumer confidentiality. 88% of banks agree that security and data protection is a big concern with PSD2.
Banks, are of course, nervous about what PSD2 could mean in terms of them retaining market share and client base. Research from 2016 revealed that two-thirds of bankers were concerned about losing control of their client interface. The research has concluded that banks are adopting a nervous “wait and see” approach to PSD2. However, this doesn’t mean that they aren’t getting the technology in place for it.
Another 2016 survey showed that 88% of banks see the challenge of overcoming their legacy systems, and the high cost of implementation as a barrier against their digitization. Only 14% of banks were confident that on ‘day one’ they would have APIs in place to support open access..
Yet, challenges are also opportunities. PSD2 aims to foster innovation through increased levels of competition, essentially providing challenger banks and FinTech’san opportunities to gain market share. It also gives the traditional banks the opportunity to innovate, to adopt new technologies and new thinking to pursue a truly customer-centric vision of retail banking.
The banks who get this right and are the first to adopt this new mentality will be the banks who will succeed in the PSD2 shaped landscape.
2017 will be a year of challenge and opportunity for financial services;the challenges of data breaches and their wider security implications and the challenges of PSD2. It will be a year where banks, both traditional and challenger, have to turn these challenges into opportunities. The technology is there to achieve this. All that is needed is a change of thinking.
Finextra research, Banks rethinking business models as PSD2 looms- https://www.finextra.com/news/fullstory.aspx?newsitemid=27327
Oracle Financial Services Global Business Unit,Banking is changing…with or without the banks Response to the millennials digital expectations 2015,page 17
 Finextra research, Banks rethinking business models as PSD2 looms-
“Original publication in Finance Digest Issue 1 https://www.financedigest.com/