The Most Comprehensive Data Protection Solution

Discover, classify, and protect your data from all threats with the only Gartner Magic Quadrant DLP and Forrester Wave EDR Leader.

First and Only Solution to Converge:

  • Data Loss Prevention
  • Endpoint Detection and Response
  • User and Entity Behavior Analytics
DATAINSIDER

Digital Guardian's Blog

Banks, Fintech Firms Form Organization to Promote Secure Data Sharing

by Chris Brook on Friday October 19, 2018

Contact Us
Free Demo
Chat

Big banks and fintechs joined together this week to form a new non-profit, the Financial Data Exchange, a subsidiary of FS-ISAC, designed to promote a consistent standard for data sharing and security.

Big banks like Bank of America and Wells Fargo, financial services firms like Charles Schwab and Fidelity Investments united this week to form a coalition designed to better facilitate data sharing, and ensure users have control and security of their data.

The group, Financial Data Exchange (FDX) was formed Thursday as a subsidiary of the Financial Services Information Sharing and Analysis Center (FS-ISAC).

The goal of the non-profit is to gain traction around an API, the Durable Data API, first publicized by FS-ISAC in February. The aim of the free API is to make it easier for financial institutions and data aggregators to share data. With the API when a user wants to set up or add a bank account, they're passed to a secure server, presented with a consent page where they authorize that their data can be shared, then passed back to the financial application.

"Data sharing between financial application servers and financial institution servers is then done securely via a unique virtual token that identifies the consumer and their respective accounts," FS-ISAC said of the API earlier this year.

"The launch of FDX marks an industry turning-point toward the standardization of more secure financial data sharing," said Lila Fakhraie, co-chair of FDX and manager of the Digital Banking API team said Thursday, "Our efforts will improve the efficiency and security around the exchange of financial information and empower consumers to control exactly what account data is shared with third-party applications."

The group says one of the benefits of the API is the ability to do away with screen scraping and requiring login credentials, processes financial services companies usually follow to retrieve account information.

That FDX was able to land so many firms - in addition to the aforementioned, Experian, JPMorgan Chase, TD Bank, and USAA are also behind the initiative - lends credence to the API.

The formation of the group makes sense, especially in light of the public’s heightened concern around personal data and who has access to it.

Out of 17 industries, after healthcare, the financial services industry has the highest cost-per-record when it comes to breaches. Financial services organizations pay $206 per record, 29 percent more than the global average, according to IBM and Ponemon's latest Cost of a Data Breach report. The research firm Accenture, which released a similar report this year, said the cost of cybercrime has increased by over 40 percent over the last three years.

Tags: Industry Insights, Financial Services

Recommended Resources


  • An overview of the FFIEC CAT
  • How to use the CAT to identify areas of risk
  • How Digital Guardian helps reduce these risks
  • A compliance timeline for all 18 provisions
  • Financial services case studies
  • How Digital Guardian can help

Chris Brook

Chris Brook is the editor of Data Insider. He is a technology journalist with a decade of experience writing about information security, hackers, and privacy. Chris has attended many infosec conferences and has interviewed hackers and security researchers. Prior to joining Digital Guardian he helped launch Threatpost, an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.