[mdpopescu]

I worked on a financial product based on one of Intuit's. I was shocked to realize that this Intuit product was impersonating people (using their username and password) to log on to their bank accounts and download all transactions - which our product was then analyzing. I was sure nobody would allow that; who will give a third-party their bank username and password?

I was extremely surprised to find out that the answer was "at least tens of thousands of people".

[ceejayoz]

> I was sure nobody would allow that; who will give a third-party their bank username and password?

Banks have been extremely reluctant to hop onboard with APIs. KeyBank wanted to charge me $20/month to turn on a Quickbooks export, for example.

Capital One has a neat ability to generate read-only credentials for use with stuff like Mint. Wish more banks would do that.

[sp332]

Banks don't tend to have APIs though. Either you give up your username and password, or you don't get centralized reporting. Those are your only options.

Anyway fraudulent bank transactions are relatively easy to undo, and they have really high penalties and are enforced by FBI agents who don't play around.

[ourmandave]

I wonder if people know how much their data is being accessed by 3rd parties? Maybe it starts with Intuit getting permission for something convenient and a few unread, auto opt-in "change of service agreements" later, they can share it with everyone.

[feld]

cough Mint

[shiven]

cough cough Yodlee