RESTON, Va. -

The Financial Data Exchange (FDX) is closing the year with its latest release that includes a myriad of technical standards and updates to the existing specification that have now been launched into the financial services marketplace.

“FDX’s fall release is another milestone and proof point of how FDX continues to deliver on its promise to unify the financial industry around secure, common, interoperable and royalty-free standards for user-permissioned data sharing and open finance,” FDX managing director Don Cardinal said in a news release.

“While this release represents many technical components of consumer data sharing and open finance, the end result is a more robust, secure and transparent way forward for consumers to understand, leverage and benefit from their own financial data and improve their financial lives,” Cardinal added. 

The components of the latest FDX release include:

— FDX API version 4.5: This latest version of FDX API includes new features that improve account number security via an optional use of tokenized data for payments and improves the data quality for use cases such as lending via expanded account holder information fields.

— User Experience (UX) Guidelines version 1.0: This first iteration of the FDX UX Guidelines provide implementers of the FDX API with clear direction for designing permissioning processes for end-users to grant consent to access their financial data. Based in extensive user research and drawing on the collective expertise of our members, the documentation describes the concepts of financial data sharing, data flow and data clusters, followed by specific guidelines to ensure that the data sharing user experience will increasingly be a consistent, familiar, and friction-free process.

— Personal Financial Management (PFM) Use Case: Developed after months of consultation among FDX members, this first FDX defined use case provides end-users with access to data they need to manage their personal finances while ensuring data minimization so that only necessary data is shared. Specifically, the PFM Use Case defines the minimum required data elements consumers must share to power personal financial management apps and services without sharing additional unneeded financial data.

FDX plans to approve and certify additional use cases in the future such as credit management and servicing, account verification and tax preparation.

— Taxonomy of Permissioned Data Sharing: FDX is providing this set of common data sharing terminology to align industry stakeholders and help regulators and policymakers better understand and define the various roles and perspectives within the user-permissioned financial data ecosystem.

The taxonomy also includes comparison of similar terminology defined by regulators, policymakers, and other financial services industry bodies.

— FDX Financial-Grade API Security Specification version 3.2: Adopted from globally recognized FAPI v1 standard from OpenID Foundation, this Security Specification aims to provide specific implementation guidelines for online financial services to adopt by developing a REST/JSON data model protected by a highly secured OAuth profile.

— Control Considerations version 3.2: This documentation represents a reference architecture addressing security, and fraud concerns in user-permissioned financial data exchange between financial institutions (data providers), data aggregators (data access platforms) and fintech applications and services (data recipients).

FDX explained this reference architecture will better align security, risk, cost, fraud and user-experience with consumer expectations to be able to view and manage all their financial relationships in one convenient location. Specifically, version 3.2 includes guidelines for application-level encryption in data transmission and updated references to FIDO 2.0 — a design pattern for direct authentication of end-user via mechanisms such as biometrics.

— Foundational Requirements version 1.0: The document covers operational quality requirements that data providers must meet to apply for a FDX use case certification. The document covers availability, performance, and security requirements, and is part of a series of certification documents that will outline the FDX certification requirements.

All FDX releases originate with work by FDX’s global array of members from across the financial industry spectrum in FDX’s committees, working groups and task forces to arrive at technical standards for the entire financial services industry.

This week’s release was approved by the FDX board of directors in September and completed satisfaction of a 60-day objection period.

“The standards, products and updates contained in today’s release represent the best of financial industry collaboration and offer critical guidance and industry-led standardization that will deliver a more consumer-centric, secure and transparent open finance data sharing experience for consumers,” FDX’s director of product Dinesh Katyal said.