[roberson87]

If you're happy to hand out your credit card details to Plaid and trust them enough to properly secure it, personally I wouldn't be concerned about them flagrantly and illegally retrieving my past transactions. There is no such thing as trust less financial services that deal with fiat currency.

[niij]

A credit card number/CVV/Expiration Date allows you to make transactions, but doesn't give you transaction _history_. Online banking username/password do give you full transaction history. My point was that giving away username/password is a terrible idea from a privacy standpoint compared to entering your CC.

[roberson87]

>My point was that giving away username/password is a terrible idea from a privacy standpoint

I'm sure you know well the reasons for this. It is not practical to move large amounts of money via credit card due to the fees involved.

As for your point on transaction history, you could always create a separate account specifically for these type of situations where you're passing your login. Even if they get your transaction history, it would be very limited.

[jbarberu]

I don't trust Plaid to handle my credit card responsibly, that's why I'm handing them a credit card number instead of a debit card number. With a credit card I can do charge backs if I'm victim of fraud. If I give out my bank login details and someone empties my account, I'm pretty sure I'm in a quite a different position...

[roberson87]

We're going back to square one with the 'empties my account' comment. You can mitigate that but changing your password pre/post transaction so the login you use is one-time. It is inconvenient, but worth it if you do not trust the vendor and want to avoid credit card fees. If you are concerned about them getting your past transactions, you can always create a new account, or even a new bank account just for use for these type of situations. There's still some transaction history, but not nearly as much as a day to day account. I do think there's a lot of value in Plaids services but having said that, it is all a work around due to the abysmal financial infrastructure of the USA and lack of real time payments. Plaid services and requiring bank logins to do transactions does seem a bit whack, but again US payment system is even whacker.

[jbarberu]

Given that for other ACH transfers I'm able to just hand out my routing+account number and that's all that is necessary to complete the transfer. The fact that companies are training people to input their bank username/password on other websites is completely insane, even if some might know to change it afterwards. If a scammy website did this, I'm willing to bet you money they'll change that password faster than you ever could.