Privacy in Financial Innovation: a Value Sensitive Design for PSD2
Abstract
The European Commission introduced PSD2 with the purpose of promoting innovation by increasing competition and the participation of non-banks in the payments industry. Among other things, PSD2 requires banks to provide a way for third-party providers to have direct access to a current account’s data if authorized by the customer. This forces banks to open up their databases, which raises a particular stream of questions about how technologies should be designed in order to preserve privacy. Therefore, this research was dedicated to designing a framework of general principles for the inclusion of privacy in innovation within the financial industry, in particular for the incumbent bank.
The Value Sensitive Design (VSD) approach was utilized to provide this framework through a qualitative explorative case study. In the conceptualization stage of VSD, privacy was defined through a literature review. For the empirical investigation, data was collected through semi-structured interviews with eleven experts from three of the four types of stakeholders. Values that were identified in the literature were qualitatively validated by scoring their importance relative to each other. For the technical investigation, the most important values were translated into design requirements by utilizing the value hierarchy method. The application of VSD to innovation in finance is the theoretical contribution of this research.
Privacy was conceptualized as complex and interrelated with other values. Values related to privacy in the case of PSD2 were also identified in several literature streams. Through a qualitative validation, the final set of values to be reflected by technology designed after PSD2 was determined, which shows that privacy is the value of greatest importance to be included in financial innovation. Also, based on the insights experts brought forward during the interviews, five ethical challenges that come with the implementation of PSD2 were identified. The applicability of the value hierarchy method was demonstrated by translating the value privacy into six design requirements. These six design requirements addressed the end-user’s ability to make an informed decision for consent, ex-ante privacy assessment through standardized licensing procedures and a shared license database, the possibility for end-users to manage information disclosed through APIs, and the limitation of information referring to a transaction’s counterpart who did not consent.