[mediumdeviation]

Isn't this the same company that phishes its users by asking them for their banking login and 2FA information directly in third party apps? I'm not sure if this is the sort of regulatory barrier breaking worth celebrating.

[jbarberu]

I came across Plaid for the first time today and when trying to make a transfer through Transferwise. When asked for my bank username and password at a website !my_bank I was like hell nope. Ended up having to use a credit card instead which had the highest fee... :( I hope this kind of garbage disappears.

[roberson87]

I would rather have entered my logins and then changed the password if I was that concerned about entering my bank logins rather than pay those credit card fees. Or change the password first, login, and change back to your old password.

[niij]

They can pull all go your transactions in that time, changing your password after is still too late.

[roberson87]

If you're happy to hand out your credit card details to Plaid and trust them enough to properly secure it, personally I wouldn't be concerned about them flagrantly and illegally retrieving my past transactions. There is no such thing as trust less financial services that deal with fiat currency.

[niij]

A credit card number/CVV/Expiration Date allows you to make transactions, but doesn't give you transaction _history_. Online banking username/password do give you full transaction history. My point was that giving away username/password is a terrible idea from a privacy standpoint compared to entering your CC.

[roberson87]

>My point was that giving away username/password is a terrible idea from a privacy standpoint

I'm sure you know well the reasons for this. It is not practical to move large amounts of money via credit card due to the fees involved.

As for your point on transaction history, you could always create a separate account specifically for these type of situations where you're passing your login. Even if they get your transaction history, it would be very limited.

[jbarberu]

I don't trust Plaid to handle my credit card responsibly, that's why I'm handing them a credit card number instead of a debit card number. With a credit card I can do charge backs if I'm victim of fraud. If I give out my bank login details and someone empties my account, I'm pretty sure I'm in a quite a different position...

[roberson87]

We're going back to square one with the 'empties my account' comment. You can mitigate that but changing your password pre/post transaction so the login you use is one-time. It is inconvenient, but worth it if you do not trust the vendor and want to avoid credit card fees. If you are concerned about them getting your past transactions, you can always create a new account, or even a new bank account just for use for these type of situations. There's still some transaction history, but not nearly as much as a day to day account. I do think there's a lot of value in Plaids services but having said that, it is all a work around due to the abysmal financial infrastructure of the USA and lack of real time payments. Plaid services and requiring bank logins to do transactions does seem a bit whack, but again US payment system is even whacker.