Updated Open Finance data security standard gains four more supporters

The newest additions to the consortium will join an existing network of supporters that includes fintechs flashes, MX, Plaid and trueworkand security compliance companies Drata, Laika, Secureframe and Vanta.

Following this, the updated version 1.2 of the framework was recently released, outlining further application security controls that secure an enterprise’s software development lifecycle.

The OFDSS framework now includes 79 individual security requirements in 13 control areas that address common data security risks. These requirements are contextualized with implementation guides, as well as audit steps to ensure compliance.

A necessary standard for a changing financial landscape

The availability of cloud infrastructure and enabling technologies that have made it easier for businesses to deliver digital financial services at scale has enabled digital financial innovation to flourish.

As a result, thousands of new applications and services have sprung up over the past decade, representing a significant change in the way financial services are delivered, as well as in the profile of the companies providing them.

However, existing data security standards were not designed specifically for modern, cloud-native delivery models or the resource constraints of start-up companies.

OFDSS was created to fill this gap and create robust, auditable data security guidelines that maintain alignment with common and relevant criteria found in other security frameworks such as SSAE18 TSC for Security and NIST CSF, while by providing clear requirements optimized for cloud-native technology. targeted startups and growth-stage companies.

Shano Fonseka, chief risk officer at Plaid.
Shano Fonseka, Chief Risk Officer, Plaid

“The industry is rallying around OFDSS as it will help raise the bar for data security in the fintech ecosystem at a time when the pace of innovation is accelerating,” said Shano FonsekaChief Risk Officer at Plaid.

“It provides a solid framework that helps fintechs improve security while enabling innovation, gives banks a level of trust about companies connecting to their APIs, and most importantly, helps protect consumers.”

“Trust is key in banking,” added Kieran hinessenior analyst at Celent. “As a result, data security is at the heart of the open finance ecosystem. The OFDSS plays an important role in supporting the creation and adoption of new services by providing a clear and rigorous security framework for market players to follow. This is in the interests of banks, fintechs and the customers they serve. »

Comments are closed.