Open banking experts have welcomed the City regulator’s changes to the 90-day authentication rule.
Following a consultation, the Financial Conduct Authority recently unveiled it was shifting the requirement to reauthenticate consent every 90 days to the third-party provider which is accessing the service.
That means a user of a fintech app will not be sent back to their bank every 90 days to reauthenticate and give permission for their data to be accessed but this will instead be done by the open banking provider.
Daniel Rajkumar, managing director of Rebuildingsociety, a peer-to-peer lending platform that uses open banking, was pleased with the rule change and said it will benefit platforms using the data-sharing initiative.
“It’s a welcome development,” he said. “It’s progress. I think there’s more to do, it’s in the right direction. It addresses the points of different people’s grievances. It will definitely make it easier for us.”
Read more: Tink predicts open banking “boom” in 2022
Glen Keller, chief product officer at CRIF Realtime, welcomed the regulator’s announcement, but added that he wants clarity on things that are still unknown such as when the changes will be implemented and how providers will accept users’ consent and if they will need agreements in place with banks.
“While I recognise that any movement on the current 90-day refresh is positive, I believe that there was an opportunity to go further and reduce the friction fully for end users,” Keller said.
Open banking stakeholders have previously told Peer2Peer Finance News they wanted the reauthentication rule to change as going through the process of reaffirming consent every 90 days causes “fatigue” for consumers and is a “pain” for lenders.