Naked Security

Barclays mulls letting customers check balances via Facebook

Move to NoSQL database allows bank to mull offering balance and transaction history via social media

How safe do you feel when dealing with money online, whether that’s checking your balance, settling bills via your bank’s online platforms, going on a spree at Amazon or paying up on a parking fine?

How would you feel about using Facebook to do those things?

Because that’s one of the things that an EU directive passed a year ago has cleared the way for, and it’s what Barclays, one of the world’s biggest banks, is thinking of doing.

Speaking at a database conference in London this week – MongoDB Europe – Bala Chandrasekaran, Barclays’ director of data optimization and simplification, explained how moving to a NoSQL database has relieved the pressure on the bank’s mainframe infrastructure, which has on occasion failed.

The bank has created an operational data store (ODS) based on MongoDB’s NoSQL database, which sits between services such as online banking and the mainframe. This creates a snapshot of data such as account balances and transaction history, which, it turns out, account for the bulk of queries made by customers.

Moving to MongoDB means not only less strain on the mainframe, but also the ability to serve snapshots of transactions and balances to whichever channel the customer prefers – which could include third-party platforms such as Facebook, he said.

According to a writeup of the news in Diginomica, the EU PSD2 directive, passed a year ago, is opening the way for third-party platforms like Facebook to step in and do tasks such as present us with our bank balances.

Chandrasekaran explained:

Simply put … you just go to Facebook and say show me my balances, it brings up the data and shows you. [We would be] opening up the bank’s data and expose it out. Which means, it’s no longer people logging into our channels to ask for the data. It’s going to be people logging into something else, which is requesting the data.

His team is now offloading processes from the mainframe, aiming to have MongoDB switch from acting as a pressure-relief valve to handling the heavy burden of transactions. That could happen by the second quarter of 2017, he said.

Is it mad to trust a platform such as Facebook with more than read-only financial interactions with banks? Or even with something like your account balance, which might be tasty fodder for advertisers to gobble up and target-market you with?

I’ve asked Facebook how it might intend to use financial information for marketing purposes, if at all, and will update the story if I hear back.

From a security perspective, it might not be mad at all. True, we’ve seen bank accounts drained by online crooks, like the recent e-bank robbery of Tesco Bank.

But however you feel about Facebook, the company’s damn good at keeping the hackers at bay.

Beyond security, a possible move by Barclays to offer banking services via Facebook raises interesting questions about compliance with banking regulations. But the fact of the matter is that with the new PSD2 directive, the European Parliament has green-lit exactly this type of innovation, specifically as a means of improving the security of online payments.

These are some of the other changes the new rules introduce:

  • Introduction of strict security requirements for the initiation and processing of electronic payments and the protection of consumers’ financial data;
  • Opening the EU payment market for companies offering consumer or business-oriented payment services based on the access to information about the payment account – the so-called “payment initiation services providers” and “account information services providers”;
  • Enhancing consumers’ rights in numerous areas, including reducing the liability for non-authorized payments, introducing an unconditional (“no questions asked”) refund right for direct debits in euro; and
  • Prohibition of surcharging (additional charges for the right to pay, for example, with a card) whether the payment instrument is used in shops or online.

At any rate, this won’t be Facebook’s first push into the financial services space. It’s made moves that suggest it wouldn’t mind replacing PayPal or competing with its payment services brethren, such as Google Wallet.

Three years ago, Facebook was testing an “Autofill with Facebook” feature to autofill credit card information.

And in 2014, Facebook was rumored to be moving to establish migrant remittance services.

What do you think: will you trust Facebook with your bank balance? Or to conduct financial transactions, if that’s in the offing?

Let us know what you think in the comments section below.

8 Comments

Why not? What could go wrong? I mean, other than the constant stream of FB users who get hacked all the time, through their own ignorance rather than some technical vulnerability of FB’s doing. Online crims have to eat too, I guess.


I would NEVER access banking information via Facebook! Facebook can’t even reliably remember the privacy settings for my puppy pictures. I definitely wouldn’t connect them with my bank account. I’m glad it’s not MY bank that’s saying, “We’re overburdened by customers who want to access their accounts online, and we really can’t be bothered to fix it; we’ll send them to Facebook instead.”


I’m pretty sure that I would not trust Facebook with my bank information (either read or write). Also, who is responsible if your account information is compromised? It could easily turn into a blame game between your bank and Facebook.


My first thought before even reading the article was, “What could POSSIBLY go wrong? Besides EVERYTHING, that is.” No one (aside from a few dozen people I know personally) has EVER had their FB page hacked, eh?

I refuse to use FB to login to ANYTHING!!


Could it be time to withdraw from Internet Banking and dust off that old cheque book? Why not visit your local bank, if you still have one!


Not for me either! I also think it is time you advised against users logging in to services via their Facebook logon. This must be the worst form of multiple use of a password. I would seriously downgrade a company that offered FB login to its customers.


This would raise social engineering to a spectacular high. An idea SO dumb that I am flabbergasted the person who thought of it not only didn’t get fired or relegated to the mail room but it got raised high enough for consideration and then to the press. Now I’m going to have to monitor Barclays constantly with a short order ready to execute.
