It's quite common nowadays to link your bank accounts on your favorite finance apps. Have you wondered what's actually happening behind the scenes?
Most finance apps, like Venmo, RocketMoney and Robinhood, use a third-party aggregation service, like Plaid, to link your banks. Mint, which is owned by Intuit, uses the parent company's in-house aggregation service.
Most of these services connect to financial institutions in two broad ways: official APIs and scraping. Typically, with an official API, you are logging in directly on a widget controlled by the bank. The aggregation platform never sees nor stores your credentials. The bank shares a secret token with the aggregation service that it can use to sync data.
However, most banks don't have an official API. For example, American Express does not have an official API for the US. To support connecting those accounts, aggregation platforms will log in programmatically into the bank's website or mobile app, and then scrape the data from web pages or internal APIs.
For the vast majority of banks you connect on Plaid, Plaid is scraping data.
Virtually all major aggregators are members of the Financial Data Exchange (FDX). FDX defines standards for data sharing among member financial institutions and aggregation platforms.
The problem with the current approach is the incredible limitation. For example, no commercial aggregator can access data like reward balances, rewards on transactions, issuer-specific credit scores, offers or benefits. Commercial aggregators also have no write access, which means they can't automate tasks for you.
An app like MaxRewards, which gives a comprehensive overview of your credit card accounts and can auto-activate your offers, is impossible to build with commercial aggregators. Therefore, we've built our own connector technology that gives us exclusive data and functionality.
While we've built sophisticated technology, there is a risk that our connectors may be occasionally down due to significant changes in a bank's technology, which will necessarily be a surprise for us. However, we are working on many techniques to minimize the risk of disruption, as well as increase the speed at which we can resolve outages.
Note that even official bank APIs are not resistant to outages, and for certain banks, our connectors are more reliable than the official API.
We ultimately believe our approach is the future of how apps will connect with banks. Financial products are rapidly evolving, and our approach is the only method that's keeping pace.