Open finance represents one of the most significant transformations in the financial industry in recent years. This model enables users to share their financial data, as well as information from other domains such as insurance, investments, or pensions, with various entities including banks, fintechs, and insurers, always with their explicit consent. Unlike the traditional system, where each bank operated within closed data silos, this approach paves the way for a more competitive, transparent, and user-centric ecosystem.
In Latin America, the development of open finance is progressing rapidly, although at different speeds across countries. Brazil stands out as the leading benchmark, with a fully operational system driven by its central bank that has evolved from open banking into a broader and more integrated framework. Unlike other markets, Brazil combines strong regulation with real adoption by both users and businesses, making it the most advanced case in the region. According to the Banco Central do Brasil, between 2021 and 2025 the open finance infrastructure enabled R$31 billion in credit operations that relied on data sharing, and the ecosystem reached 128 million active data-sharing consents. Financial inclusion rates have climbed to 82% of adults, up from 70% in 2020, according to the BCB’s 2025 Responsible and Inclusive System Report.
Mexico, meanwhile, was a pioneer with the approval of its Fintech Law in 2018, which laid the groundwork for open finance. However, despite having a defined legal framework, implementation has been partial and uneven. Cash usage remains widespread, although the 2024 National Financial Inclusion Survey, ENIF, reported an increase in financial product ownership, such as savings or credit accounts, to 77 percent of the adult population, up from 68 percent in 2021. In Peru, the proposal has been introduced more recently and remains under development. Its main objective is to expand access to the financial system, as approximately 30 percent of Peruvian adults lack any formal financial service, and only about 33 percent have access to credit.
The security challenge in open finance
While open finance offers significant benefits, it also involves the handling of highly sensitive user data. One of its key challenges is ensuring that the individual granting access is indeed the rightful data owner. Only under this condition can the system be secure, reliable, and user-friendly. In this context, biometrics is emerging as the most robust method for user identification, outperforming traditional approaches such as passwords or one-time passcodes, particularly in the era of deepfakes. This obligation is increasingly regulatory, not just operational. Brazil’s LGPD mandates strict data protection in any consent-based data sharing. Mexico’s CNBV has embedded digital identity requirements into open banking provisions under its Fintech Law. And FATF Recommendation 10 on customer due diligence requires financial institutions to verify customer identity using reliable, independent sources — a standard biometric verification is purpose-built to meet.
In recent years, deepfakes have advanced considerably due to improvements in hardware, access to large datasets, and increasingly sophisticated models. In this environment, solutions such as those offered by Identy.io, featuring multimodal biometrics with passive liveness detection, combine multiple biometric factors, including face and fingerprint, with artificial intelligence to enable secure and seamless identity verification. Passive liveness runs silently in the background — no blinking prompts, no head turns, no user friction. The system confirms that the person presenting their biometric is real, live, and present before any data access is granted.
Secure mobile-first biometrics as the scalable solution
Identy.io’s mobile-first approach is designed from the ground up to operate autonomously in mobile environments. This allows banks, fintechs, and digital platforms to integrate its capabilities easily through an SDK, without increasing operational costs or requiring additional hardware. Its verification system runs directly on the user’s device and provides an intuitive and user-friendly experience. Moreover, the process is fully touchless and requires only a smartphone’s standard camera and flash, even on low-end devices.
Unlike many alternatives on the market, by default, Identy.io process and stores biometric data on the user’s device itself, with no need to transmit sensitive information to cloud servers. This reduces the risk of data breaches or unauthorized access and also enables reliable operation in remote areas with limited connectivity.
Finally, to operate within the open finance ecosystem, Identy.io complies with the highest security standards, including those established by the U.S. National Institute of Standards and Technology, NIST. It supports eKYC, Know Your Customer, processes and AML, Anti-Money Laundering, frameworks, and adheres to the ISO/IEC 30107-3 standard for Presentation Attack Detection. Identy.io’s Face SDK holds independent certification at Level 2 — the highest available — tested and verified by iBeta Quality Assurance against silicone masks, 3D-printed faces, latex masks, and AI-generated deepfakes, with zero false acceptances across 1,500 attempted attacks (October 2025). The Finger SDK is separately certified at ISO/IEC 30107-3 Levels A and B. Together, these certifications ensure that the passive liveness detection underpinning every open finance interaction is independently validated, not self-declared.
Open finance without strong identity verification is an open door to fraud. The combination of passive liveness detection, on-device processing, and independently certified anti-spoofing gives financial institutions a way to meet their regulatory obligations — LGPD, FATF, CNBV — without adding friction that drives users away. As LATAM markets continue to expand access and digital onboarding volumes grow, the margin for identity errors shrinks. Want to see how passive liveness detection integrates into your open finance stack? Request a technical demo and we’ll walk you through the SDK in your environment.
