Woman in apron looking at smartphone and typing on laptop in interior of modern coffee shop
Citizens Bank is headquartered in Rhode Island but has branches across the United States.Getty Images

  • Banks can face security risks when customers share their financial data using third parties.

  • Citizens Bank built a tool designed to let clients securely and efficiently share data.

  • This article is part of “Build IT: Connectivity,” a series about tech powering better business.

Banking customers often share their financial data on external platforms, such as budgeting tools and accounting software, to help them manage their money.

But for financial institutions, giving out that data can come with security risks.

One popular way to transfer banking data to other applications is “screen scraping,” in which a bank’s customers share their login credentials with a third-party app that then mimics user behavior to pull financial data onto the external platform.

Taira Hall, the head of enterprise payments strategy at Citizens Bank, told Business Insider the practice poses several risks to customers. Cybercriminals can exploit the third-party app to gain access to the customer’s account, and the screen scraping software may misread data and display outdated or inaccurate information.

To address these issues, Citizens built an open banking API, or application programming interface, a type of technology that allows software to “plug in” and access data from other software.

The tool is designed to let customers securely access their financial data, such as balances and recent transactions, on external platforms without the need for screen scraping.

A professional headshot of a blond woman wearing a white shirt.
Taira Hall is the head of enterprise payments strategy at Citizens Bank.Courtesy of Citizens Bank

The new tool relies on the concept of open banking, an idea that emerged in the early 2000s when online banking became more common. In its most basic form, open banking allows customers to share their financial data with service providers other than their bank.

Today, sharing data for consumers via open banking API is standard. Citizens’ API, however, allows commercial customers to do the same.

Ravi de Silva, the CEO of De Risk Partners, a consortium of financial consulting firms, told BI that open banking creates a foundation for more personalized, efficient, and transparent financial services.

“Instead of locking customer data inside a single institution, open banking empowers individuals to use their own data to access better lending options, budgeting tools, and other financial services,” said de Silva, who was the global head of compliance testing at Citigroup before founding De Risk Partners. “It shifts the balance of control toward the consumer, not the institution.”

Citizens’ commercial customers, such as stores, restaurants, and business service providers, may use open banking data to automate expense tracking or verify income for gig workers, while other banks can use the data to assess borrower risk in real time instead of relying on credit scores. The API provides access to a wide range of financial data in one place, allowing customers to easily gather information from sources like invoices and payrolls.