November 5, 2019
By Will Hernandez
Published November 05 2019, 9∶00pm EST
More in Data transparency, Data ownership, Data management, Data sharing, Mobile banking, Digital banking, APIs Mastercard
Mastercard has injected itself into the long-running banking debate on data sharing standards, recently releasing its own set of proposed principles intended to help guide data ownership and protection. But while other efforts have focused on determining data ownership, or spelling out which party should be liable in a data breach, the card network says it is trying to reestablish the connection between customers and bankers that has been lost in the shift to mobile and digital-first banking.
“It used to be that you would walk into a bank branch and get to know your banker, and that’s not something we’re doing much anymore,” said JoAnn Stonier, the chief data officer at Mastercard. “How do you incorporate that kind of trust in a digital age?” Mastercard is seeking bank partners for what it calls the Data Responsibility Standard, though it’s still too early to say whether the industry will go along with the card network’s initiative. It is not a mandate like the migration to chip-based cards, nor does it mirror data-sharing standards led by organizations like the Financial Data Exchange. Instead, the initiative is intended to signal to consumers that banks which agree to it will abide to data ownership and data protection standards.
The initiative’s principles fall under broad categories, including security and privacy; accountability; transparency and control; integrity; innovation and social impact. Mastercard held up one of its own programs as an example: The firm sponsored research in New Orleans last year, where data scientists analyzed anonymous card network data, as well as publicly available third-party data, to get a better understanding of the region's economy to improve overall financial inclusion. Mastercard is counting on the trust customers still have in lenders despite the challenges created by the financial crisis, the Wells Fargo scandal and data breaches. The card network earlier this year surveyed consumers in several countries and found 87% of U.S. consumers generally trust banks and other financial services companies. Preserving that trust as open banking concepts and open application programming interfaces grow in the U.S. is crucial, Stonier said. “Open banking is another great example of the nature of data today that consumers need to understand; who has their data and for what purpose?” Stonier said. “Because of the nature of that kind of data sharing, having a set of common principles and practices becomes really appealing, especially if you’re the individual who’s trying to navigate all of this,” she added. Since customers are the ones increasingly linking sensitive bank information to third-party finance apps, it makes sense to embrace a set of principles aimed at addressing their concerns about data, said one bank executive. “What MasterCard is doing is quite interesting because they're coming up with principles and a framework, which are probably better in the long run than a hard-and-fast rule about what fields of information can you share,” said Chris Maher, the CEO of the $8 billion-asset OceanFirst Financial. “I think we’re all going to have to develop that relationship with our customers and develop something that is in fact more of a framework,” he added. Maher noted banks must shift from past practices on communicating data privacy and data sharing. “We would mail them, by law, a big complicated disclosure every year. And that was the extent of the way we thought through customer privacy.” Maher singled out PayPal’s person-to-person payments app Venmo as one service where he sees increased data sharing among the bank’s customers. “Consumers are actually looking for us to take the data that we have and to use it intelligently for their benefit,” Maher said. “So now, you have a little more complicated relationship between ourselves and our customers. “We have to keep their data private, but the data that we have, if we can use it to make transactions easier or better for them, they're all for that.” Banks in the U.S. are making moves to ensure data integrity.
A handful of banks such as U.S. Bank, JPMorgan Chase, Citigroup, and Wells Fargo have moved forward to sign data-sharing agreements with data aggregators and fintechs to deliver customer account information through application programming interfaces. However, a number of banks American Banker reached out to either declined to comment or did not respond to an inquiry about Mastercard’s plans. Ron van Wezel, an Amsterdam-based senior analyst for Aite Group, views Mastercard’s initiative as a plus for the network’s partner banks. “Mastercard has a global network of banks in which they set the standards, and coordinate development of business practices,” he said. “This new initiative, if backed up by resources, will certainly support bank involvement.” At least one other third-party organization sees great value in Mastercard’s effort. In July, the Open Financial Exchange and the Financial Data Exchange announced they were working together to create a single data standard around banks’ ability to resolve technical issues involved with data sharing. The Financial Data Exchange is attempting to fight against screen scraping, where consumers give their online banking usernames and passwords to a third party so they can log in as the user and scrape their bank account data. “We believe that when large groups of related firms collaborate — such as financial service providers, credit bureaus, core processors, trade associations, fintechs — we all benefit,” said Don Cardinal, the FDX’s managing director. Cardinal added that Mastercard joined the FDX’s efforts in May.