The advent of GDPR and the EU PSD2 open banking directive could hardly have been more timely for Galway-based Priviti. Established in 2015 by Gerard Barry, who previously founded Fintrax and sold it in a multi-million dollar deal to Exponent Private Equity 2012, the company has developed a patented solution to manage consent for data-sharing and transactions simply and securely in real time.
The company was initially targeting transactions such as consent for passport details or health record-sharing over mobile phones but the market has transformed in a very short period of time. "Two tsunamis came at it in the form of GDPR and open banking," says chief executive Dave Cunningham. "They brought a whole new raft of use cases with them."
Public disquiet over data-sharing prompted by a number of factors, including the Facebook Cambridge Analytica scandal, was also timely. "When he testified before the US Congress Mark Zuckerberg didn't have the systems in place to tell him what developers were doing with his customers' data," says Cunningham. "He didn't know what was going on. People were comfortable up until then giving blanket consent based on a 47-page terms and conditions document as long as they got a free service."
But attitudes and regulatory realities have changed. “With GDPR you have to be sure that people are fully informed. If a bank customer is changing from a tracker to a variable rate mortgage they have to be fully informed of what is happening. They also have to have a record of their informed consent. That’s where our system comes into its own. Blanket consent doesn’t cut it anymore.”
The open banking directive is also creating demand for the system. Banks in Europe now have to open their systems to third parties to allow their customers avail of an expanded range of services. Again, this requires robust systems for consent management on a case by case basis. The Priviti solution allows customers to both grant and revoke consent for data-sharing securely, and no sensitive credentials are ever shared, stored or monetised.
Head of business development Mia Iwama Hastings explains that the Priviti solution can help banks and others regain the trust they need if they are to maximise the value of the data they hold. While data may well be the new oil, trust and consent are crucial to keep it flowing.
“Companies that can’t establish trust won’t survive, and in order to establish and maintain trust companies need to enable power consumers to grant consent and to revoke it at any time. They also need to be able to prove this, and keep audit trails for regulatory compliance.”
The solution is currently being rolled out on a trial basis in a major retail bank in the US, as well as with a number of other significant customers. "It's a really exciting time for us," she adds. "We recently announced that we have joined Temenos' MarketPlace, a platform which connects global banks with the best fintech solutions, and have launched in Sydney as Australia prepares for Open Banking and the Consumer Data Right."