Thanks Europe for using regulation (PSD2) to open up banking to fintech startups. Would anyone be interested in joining me in championing similar legislation in the US through congressional representatives, the Federal Reserve, and FDIC?
I don't know PSD2 fully but I know that my bank rolled out support for it and as far as I gather, applications should not have to ask for my username/password via their own UI (which after testing Plaid, they do), but rather use the authentication systems from the banks to authenticate. Maybe I used it wrong though.
Isn't this the same company that phishes its users by asking them for their banking login and 2FA information directly in third party apps? I'm not sure if this is the sort of regulatory barrier breaking worth celebrating.
I came across Plaid for the first time today and when trying to make a transfer through Transferwise. When asked for my bank username and password at a website !my_bank I was like hell nope. Ended up having to use a credit card instead which had the highest fee... :( I hope this kind of garbage disappears.
I would rather have entered my logins and then changed the password if I was that concerned about entering my bank logins rather than pay those credit card fees. Or change the password first, login, and change back to your old password.
If you're happy to hand out your credit card details to Plaid and trust them enough to properly secure it, personally I wouldn't be concerned about them flagrantly and illegally retrieving my past transactions. There is no such thing as trust less financial services that deal with fiat currency.
A credit card number/CVV/Expiration Date allows you to make transactions, but doesn't give you transaction _history_. Online banking username/password do give you full transaction history. My point was that giving away username/password is a terrible idea from a privacy standpoint compared to entering your CC.
I don't trust Plaid to handle my credit card responsibly, that's why I'm handing them a credit card number instead of a debit card number. With a credit card I can do charge backs if I'm victim of fraud. If I give out my bank login details and someone empties my account, I'm pretty sure I'm in a quite a different position...