[xtrapolate]

> "you give Plaid your username and password, and Plaid scrapers on their servers log into your online banking account"

So your username and password are just kept in some internal database somewhere? The scrapers probably decrypt the credentials in-memory.

Also - "scraping" data off of an undocumented API sounds risky. How can I guarantee a "scraper" won't accidentally mess something up for me?

[astura]

Well Mint messes up all the time, transactions are not updated even though Mint says its up to date, transactions are listed multiple times, etc. It's mildly inconvenient, but not really "risky." Is Plaid and other bank scraping services used for anything important?