The world of Open Banking relies on data exchange and although ‘data’ is the most discussed topic it really should be ‘consent’, as without consent data holds no value to anyone else but the owner. The relevance and the business case of Open Banking fully rely on consent, that must be fine-grained and at the same time, very easy to manage, change, give and revoke. Top this with the more complex consent layers of authorisation within a business or corporate environment and it is easy to see why modern, scalable consent management is a fundamental component of an open banking environment.
As not all banking services lend themselves to an open data exchange, banks and payment providers might face situations where they need ‘on the go’ consent services for a niche set of solutions or customer segment.
PocketConsent provides in a Consent-as-a-Service model the ability to allow users to give access authorisation (consent) to bank accounts held at their ASPSPs, as well as consent to non-bank data sets such as accounting, government, tax, company, or in fact any data set held by any data controller under GDPR regulation and definition. Applications that reside on top of the BankiFi platform can now provide context to the user on how their combinations of data will be used. PocketConsent not only captures consent to access individual data, it also captures the consent to use the data for a specific purpose (applications) which of course includes the consent to combine data sets from various data controllers.
An open blockchain based audit trail stores the consent and purposes for which a customer’s data (a reference to rather than the actual data) has been accessed allowing any authorised party to view the data, such as regulators, data custodians, data consumers, data owners etc.