EBF asks Commission to support ban on screen scraping

Privacy of client data, cybersecurity and innovation at risk if EBA standards are dismissed and screen scraping continues

BRUSSELS, 16 May 2017 – The European Banking Federation has asked the European Commission not to dismiss a key recommendation by the European Banking Authority (EBA) on future electronic payments in the European Union. The EBF fears that the privacy of client data, cybersecurity and innovation are put at risk if the Commission does not fully endorse the EBA standards.

PSD2 introduces a general security upgrade for third-party access to a client’s data, bringing an end to practices known as ‘screen-scraping’ [VIDEO]. Such services, seen as a first-generation direct access technology, let third parties access bank accounts on a client’s behalf by impersonating while using their access credentials. PSD2 calls for the creation of a technology-neutral level-playing field for banks and fintechs, new and old.

The proposal requires banks to opt for either creating a ‘dedicated interface’ that lets third parties access bank accounts on behalf of clients, or to upgrade their client interface. These solutions would replace the old practice of screen-scraping. They ensure the continuation of direct access services in the EU in a secure way by empowering clients to decide for themselves which data can be accessed by third parties. The EBF sees the EBA standards as a common solution that ensures security and as a significant catalyst for innovation into the future in the European payments market, fully compliant with the EU’s General Data Protection Regulation (GDPR).

The European Commission appears to be willing to go against the EBA advice and may let screen-scraping continue by requiring banks to accept screen-scraping as an additional mandatory direct access method, forcing banks to maintain at least two interfaces. Banks are deeply concerned over this development and fear that such a choice would harm the development of electronic payment services. It would come at the expense of innovation in payment services and would make it more difficult to protect the privacy of account holders.

Says Wim Mijs, Chief Executive Officer of the EBF:

“The development of PSD2 can be compared to designing a new plane. You develop highly secure, innovative and sophisticated systems to make it fly. But what happens now, in the final development stages, is that the designers are required to put a heavy diesel generator on board. This plane then becomes too heavy to fly. If banks are forced to accept screen–scraping then PSD2 will never fly the way it was intended.”

Both banks and new entrants in financial services technology are actively engaged in an industry-wide effort to develop common processes and standards. The forum for this cooperation is the Working Group on Payment Initiation Services of the Euro Retail Payments Board, created by the European Central Bank.

Media Contact:

Raymond Frenken, Head of Communications, +32 496 52 59 47, r.frenken@ebf.eu

About the EBF:

The European Banking Federation is the voice of the European banking sector, uniting 32 national banking associations in Europe that together represent some 4,500 banks – large and small, wholesale and retail, local and international – employing about 2.1 million people. EBF members represent banks that make available loans to the European economy in excess of €20 trillion and that securely handle more than 300 million payment transactions per day. Launched in 1960, the EBF is committed to creating a single market for financial services in the European Union and to supporting policies that foster economic growth.