Credit Decision Engine

Credit Decision Engine

Credit Decision Engine - User Permissioned Data

Credit Decision Engine - User Permissioned Data

May 10, 2024

User permissioned data is gaining popularity and acceptance. In this article, we will talk about the history of user permissioned data, some of the major players in this space and how your credit decision engine must be ready to ingest this information through widget integration as well as API integration.

LendAPI Credit Decision Engine - User Permissioned Data
LendAPI Credit Decision Engine - User Permissioned Data

What is User Permissioned Data?

User permissioned data are information explicitly granted by the consumer to other third parties to use in a variety of ways. Today we will discuss the meaning of permission and permissible use in the context of banking and finance.

We will also dive into a breed of online applications and embedded applications that are specifically designed to allow consumers to give third party permissions to use this data to achieve a goal. 

We will also talk about how third parties might be able to use this data granted by their applicants and various use cases with respect to using a decision engine to work with this data.

The history of user permissioned data

The concept of permission, permissible use, permissibility of information has been around for a long time. From the early days of privacy laws passed around the world to protect individual information from being mishandled to the advent of technologies such as browser cookies and GPS tracking, consumers experience their data from being used on a daily basis.

In the early days of the internet, IP Address or Internet Protocol Address was widely used or abused to track user’s location. Sometimes unbeknownst to the consumer, their privacy is invaded by whomever that’s interrogating their IP location or IP Address.

Banks and financial institutions used information in the early days to detect and deflect fraud. However, buried deep inside of their consent languages, there’s probably always a bit that describes certain information such as IP Address will be used for the consumer’s benefit such as detecting hacking activities or account takeover situations.

Web browser cookies became popular by companies such as Double Click and Google, these are computer code injected through consumer’s web browser to gather information about their computer, their browsing behavior and history.

For many years, average consumers are unaware of the existence of such programs running on websites and gathering information as consumers casually browsing the web. It’s almost like a database collecting private information on the consumer’s computer and everyone has access to take that information and use it however they please. 

Even if sensitive information such as Social Security Numbers aren’t saved or shared within a person’s browser cookie, advertisers may not need such information to serve you advertisements that they see fit that’s customized base on your browsing history or shopping behavior.

Lately, the United States, and European Union has passed strict laws asking any company that collects personal information through browser cookie technology to let their customers know and get permission to gather this information.

This is why we see pop ups on just about all of the websites we visit asking for explicit permission to save your browser data and to use it. Oftentimes, consumers will click on “Accept All”.

In the banking and finance world, credit bureau data has always been considered as a key permissioned data for them to perform due diligence or underwriting. Out of all types of data being collected, credit bureau data and the explicit permissions to provide this information is as heavily regulated as in the medical field. 

Banks and FinTech have to collect explicit permission from their applicants to receive credit bureau information and they can only use that information to conduct a specific task within a short amount of time. After the information has been used, the banks aren’t allowed to use it any

Today’s user permissioned data trend

As consumers become less sensitive and more willing to share even more personal  information, there is a whole new class of user permissioned data infrastructure players coming into the field.

Almost all of them are in the financial sphere of influence. There are companies in the open banking space, payroll and income verifications space as well as enterprise solutions where companies can share their account receivable information as well.

We will talk about the type of data and highlight a company in each of the aforementioned categories.

Open banking permissioned data

Open banking is the latest trend in financial services and banking where consumers can take their banking transaction history with them digitally and give permission of their banking data to other businesses for, mostly, underwriting and verification needs.

There is a whole breed of early open banking pioneers such as Flinks, Edge, Chirp, Sophtron, Mastercard, Decision Logic, Nova Credit’s Cash Atlas

These companies provide a widget for consumers to log into their banking account, and through direct API integration and through screen scraping, consumers are porting their banking data to whomever requests it.

There were battles fought between these open banking firms and banks over who truly owns the transaction data. However, with the passage of the open banking law of Rule 1033 from Consumer Financial Protection Bureau, banks must allow consumers to take their data anywhere they wish to take them. This piece of legislation closely follows the European Union’s open banking law PSD2 or Payment Service Directive that allows European banks to let their customers get access and port their data elsewhere as they please.

There are also companies such as Edge and Quiltt that are helping fintechs to enrich banking transaction data to seek out even deeper relationships between credits and debit transactions to gain more insights through analytics and modeling efforts.

These companies provide scores and attributes much like credit bureaus' enhanced attributes and risk scores to help banks to identify cash flow hotspots from average consumers without having to dig into a ton of data and analyze them manually. 

Income and Employment Verification

There is a specialized group of permissioned data providers that allows the same consumers to log into their payroll accounts. 

These companies, just like the open banking data companies, are extracting payroll data such as payslips, direct deposit splits and employment history to provide this type of data to background verification companies or mortgage companies that need positive proof of income verification before a mortgage is issued.

These companies such as Truv, Pinwheel are at the forefront of developing technology to allow average consumers to quickly verify their income and employment to get their mortgage approved faster.

Mortgage companies are relying on these employment and income verification permissioned data companies more and more to stay competitive and compliant with respect to various mortgage underwriting regulations borne out of Dodd-Frank Act of 2010. 

Account Receivable and Account Payable permissioned data

When it comes to consumer lending and consumer banking, there are a ton of great companies offering permissioned data gateways and widgets. 

In terms of commercial lending, account receivable financing or working capital, there are a handful of companies that are in the space of porting over account receivables data to lenders and banks for underwriting processes.

There two companies such as Codat, Rutter, Railz, upSWOT where they connect Quickbooks, Shopify and even IRS to present a complete cash flow and financial statement for small businesses who wishes to keep an eye on their own business as well as provide permissions for lenders and creditors to review the health of their business in order to access more capital. 

Credit decision engine and permissioned data

With all of this data coming through the aforementioned, a robust decision engine with various API integrations and well widget integrations are key to allow the right mix of permissioned data such as bank account transactions, payroll records along with identity verification data and credit data to complete your credit due diligence process.

In terms of commercial lending, an equally robust decision engine is needed not just with an open API but with widget integrations to allow small business owners to login to their account receivable systems.

When you are looking at a credit decision engine, you should look at the ability for the decisioning system to connect to various credit bureaus, identity bureaus as well as its ability to connect to these permissioned data provider’s widgets to inject the data as well as making them available for rule writing and score calculations.

This is a brief overview of the state of the current permissioned data providers and how they are helping to reshape the landscape of consumer credit as well as small business credit underwriting.

For more information, please visit our marketplace to browse through these permissioned data providers and their contact information.

About LendAPI

LendAPI is a DIY digital onboarding platform with a fully customizable product builder and an integrated graphical Decision Engine. LendAPI’s application workflow, sub-tenant management, third party integrations plus customer portal and communication methods is a complete end to end solution. It’s free to signup.