The concept of open banking, as structured by the U.K.s Open Banking and PSD2 regulations, is designed to enable third-party payment service providers (TTPs) to access account information and perform payments under the authorization of the account owner. This represents both a challenge and opportunity for financial institutions and TPPs. Open banking significantly widens the threat surface and puts consumers and financial institutions at greater risk of attack. Financial institutions must focus on implementing security controls to reduce the risk of an attack.”]