‘Policing the Road’: Sensedia, Incore Bat for Open Banking as Critical to Secure Data Sharing

Open Banking is gaining momentum, with Malaysia advancing step by step into a more democratised financial future. But lurking beneath this progress is a serious risk: fraud, the single factor that could torpedo the entire initiative.

Application Programming Interfaces (APIs)—the backbone of open banking—can and are being abused by cybercriminals, who have at their disposal various ways to exploit APIs, including credential stuffing, weak validation, and man-in-the-middle attacks. Sometimes, APIs themselves are problematic to begin with, resulting in API key leaks and excessive data exposure. This is exactly the kinds of opening nefarious individuals need to commit fraud.

It’s unsurprising then that the fraud problem in Malaysia is worsening seemingly by the month, and it’s costing Malaysians a lot of money. The Penang Institute, in fact, reported that Malaysia lost RM54.02 billion to scams in 2024 alone, or the equivalent of 3 percent of the nation’s GDP. Worse

still, victims of fraud and scams lost over RM8,800 on average, and only 2 percent of them were able to recoup those losses.

A Major Problem That Needs to Be Addressed Immediately

These staggering figures not only illustrate the gravity of the fraud problem in Malaysia but also highlight the need to protect consumer data. This pressing need for data protection was emphasised by Alan Tan, Co-Founder and Managing Director at Incore Innovation Sdn Bhd, and Lisa Arthur, Senior Vice President, USA and APAC, at Sensedia, in an exclusive interview with Cybersecurity Asia right after the staging of Malaysia Open Banking Summit.

“In Malaysia, scams are rising at an alarming rate. If we fail to protect personal data effectively, even with the Data Protection Act in place, scammers will continue to exploit these gaps.” Tan pointed out.

For Arthur, the issue is not having the kind of secure framework that will protect the data consumers will be sharing in their financial transactions, whether in banks, e-commerce, or other similar institutions.

“One real danger is not having a secure framework for data sharing. Open Banking addresses this by managing consent and authorisation within a financial-grade framework that protects consumers when their data is shared.” Arthur explained. “Customers know exactly who they are sharing their data with, they maintain full control, and third parties connect using the same secure APIs. Without this framework, true security cannot be guaranteed and that lack of structure becomes the biggest risk.”

“This urgent need for a secure data-sharing framework is exactly why financial institutions must embrace Open Banking”, Arthur noted. Those that resist risk falling behind, because consumers will share their data regardless and the institutions that empower them to do so safely will earn their trust and loyalty.

But now the question is, why open banking? How can it facilitate the kind of secure data sharing consumers deserve so they can avoid being scammed or defrauded?

How Open Banking Polices the Road That Is Technology

During his keynote at the Malaysia Open Banking Summit, Tan used a striking analogy. He likened Open Banking to traffic lights bringing order to busy roads, with APIs as the roads themselves. “APIs are the roads, but governance is the traffic lights—without it, innovation crashes,” he emphasised. By standardising APIs, regulating data-sharing practices, and enforcing compliance, Open Banking effectively polices the flow of technology. It ensures that as data moves faster in our increasingly digital world, it does so safely, securely, and in the right direction.

With scams on the rise and Malaysians increasingly wary of fraud, the country cannot afford to let data-sharing technologies go astray—not when digital transformation is accelerating and Malaysia is positioning itself as a regional digital hub.

This, combined with a youthful, mobile-first population, creates a powerful opportunity for financial institutions to embrace Open Banking. Consumers are demanding services that are fast, convenient, and secure. Those who adapt will lead; those who don’t risk being left behind.

That is why the partnership between Incore and Sensedia is so timely. By bringing Sensedia’s globally proven API expertise into Malaysia and combining it with Incore’s local strength in identity, compliance, and security, the two companies are helping to establish the framework for safe, standardised, and trusted data sharing.

In essence, Open Banking is the traffic system that keeps innovation flowing safely. Sensedia and Incore are committed to ensuring the lights stay green—clearing the road ahead for Malaysia’s financial ecosystem to grow stronger, more secure, and more connected.