FNB is warning its customers against using third-party services which employ the use of screen scraping.
Screen scraping is a process through which a third-party would, with your permission, “impersonate” you.
Say for instance you are applying for a loan and the provider needs three months of bank statements etc. The provider could use screen scraping to make the process faster.
Here, you would key-in your login details so that the third-party can access that information on your behalf.
And this is where FNB’s release comes into play because the bank is not a fan of screen scraping.
“No matter how reputable the retailer or app may be, the simple fact is that when you share your login credentials details with a third party, even in a secure environment, you expose yourself to financial crime and privacy risks, not least because your account security and data privacy can easily be compromised,” wrote chief executive officer of the EFT Product House for FNB, Ravi Shunmugam.
Here we can’t fault Shunmugam because they are correct. Keying in your banking login details into a website that isn’t your bank is ill-advised.
The concern here is that because you are handing that data over to a third-party, you are now entrusting that party with your data.
FNB is opposed to screen scraping and is “working closely with the country’s payments industry bodies to highlight the potential risks of these practices to consumers, banks and merchants alike, to fast track stronger regulatory oversight”.
And regulatory oversight is what we think is the missing piece of the puzzle here. There must be strict rules in place for screen scraping services especially as regards the storage of information.
Should it be done away with though?
That’s unfortunately not a call we can make though there is an alternative to screen scraping.
In 2018 the European Union introduced a new regulation called PSD2. These regulations seek to give third parties access to a bank’s infrastructure although this access is tightly controlled and heavily regulated. The net result is a highly integrated payment ecosystem no matter which platform you use
This means legitimate players have secure access to data and customers can control how that data is used.
Screen scraping then is a necessary step toward a more open banking ecosystem.
What strikes us as odd is that FNB didn’t mention an alternative to screen scraping just that its dangerous which while true is not exactly fair.
A knife for instance can be a weapon or a tool used to craft a meal but we don’t see knives getting a bad rap.
What’s more is that there is clearly an appetite for easier payment solutions as FNB itself noted in its press release.
“As ecommerce has grown significantly during the lockdown period, FNB has noticed a steady increase in the number of its customers entering their details into screen scraping tools, particularly for third party EFT payment processes,” wrote Shunmugam.
Clearly the service provided by FNB is not appealing to customers and so they’re using something that does. In addition, FNB warning customers isn’t going to stop them from using third party services which make use of screen scraping.
Regulation surrounding this space then needs to move fast because Shunmugam is correct in saying that there is a risk with using screen scraping.
As we’ve seen time and time again though, risk comes second to convenience for most people.[Image – CC 0 Pixabay]