How can we tackle data security concerns?
In this new and fast expanding world of open data, it’s time to show that data sharing is nothing to be afraid of.
The new era of open banking is undoubtedly growing, with research predicting over 64% of UK adults will be adopters by 2022, along with 71% of SMEs. This is a real promising indicator for the future of wider initiatives such as open finance and even open data – but there is still one hurdle to overcome.
Research indicates that some consumers and businesses are still wary or uninformed about open banking. 51% of respondents claim to have never heard of open banking and 61% claim to have never used it, despite 80% admitting to currently using one or more mobile finance apps. ING identified this trend as the ‘attitude-behaviour gap’ whereby what respondents claim and how they behave when it comes to their finances “doesn’t necessarily align.”
It seems that after years of being told to never share your data with third parties, many financial service providers and SMEs need to be reeducated in order for initiatives like open data to reach their full potential.
What needs to be taught is that security, consent, and control is at the very heart of digital data sharing. The process of using APIs to connect financial platforms is significantly more secure than sharing sensitive data via email, with 95% of IT leaders stating that client and company data is at risk on email, according to an Egress report.
As noted by The Coalition for a Digital Economy (Coadec), “APIs are currently best practice for data exchange. They are far superior to the previous means of data exchange, screen-scraping” – a method of capturing data by storing users’ credentials.
How Codat keeps data safe
Our systems ensure all data is held to the very highest level of bank grade security, our platform passes all requisite penetration tests and is GDPR, ISO27001, and SOC 2 compliant. What’s more, all data is protected using end-to-end encryption and can only ever be viewed by authorized individuals. Not even Codat, nor the financial institutions or software providers we work with can see the SMEs login details. The SME also retains the right to revoke access at any time, if for instance, they stop working with the provider.
But that’s not all. Codat uses Azure services to ensure the safe storage of data and prevent physical access. The encrypted keys are not only managed by Azure, but they’re also kept in data centers that can withstand even cruise missile attacks. What’s more, logical partitioning in the data architecture ensures we never put all our eggs in one basket.
Much of the data we hold is all encrypted by the application layer and we ensure only limited systems can access it in its plain form and that these keys are recycled regularly. And just to ensure that extra peace of mind, access to any information is audited and limited to circles of trust defined in our active directory, with Codat moving swiftly to a break glass model for all production access.
We understand that SMEs may have questions about the security of their data. That’s why we have developed a range of resources to support our clients in the handling of these queries. Existing clients can get in contact with their Client Success Manager to find out more.
Codat in action
Over 100 different software providers and financial institutions already trust Codat to keep their customers’ data safe. This includes Invoice Trading Marketplace, Invoicefair. Invoicefair offers a range of clever funding solutions that enable SMEs to turn invoices and purchase orders into instantly accessible working capital. Via Codat, Invoicefair are able to gain consented and secure access to the accounting, banking, and commerce platforms their SME customers utilize regularly, using a white-labelled authorization flow they can trust. This enables Invoicefair to access the data they need to assess the financial health of their customers, comfortable in the knowledge that Codat makes no compromises on data security.
You can find out more about how Codat keeps data safe and our attitude towards security here.
Sign up for your free account today to get started or visit our docs to find out more.