I'm not sure on the exact phrasing. It can either mention Plaid by name or some complementary descriptor about "banking level security". It just shouldn't say credentials aren't being stored when they are being stored by a partner.
I would think how you message this. What others and I picked up on is appropriate for this level of discourse (HN), but something that is likely not going to make sense to your core customers.
Are customers that buy from companies that integrate with Stripe aware that it is Stripe that stores credit card information when prompted? I don't know if the average person can make that abstraction.