You remember the legend of Faust, right? Guy sells his soul to the devil, doesn’t quite get the deal he bargained for? Well, sharing financial data is a very similar bargain …
The Appetizer
In the last entry we talked about the Faustian bargain we all make with regards to data privacy on the web. Let’s explore why data sharing might be a Faustian bargain and how this bargain relates to financial data, fintechs and aggregators.
An Awesome Free App is Found
So you find the next great financial services app. Maybe you find a payment app that now lets you schedule your bills and never have a late payment again. Maybe it’s a credit report app that gives you daily feedback on how to improve your credit score, or provides input on how some purchases may be killing your score. Or maybe it’s an app that helps you save for retirement or get a loan.
Whatever the app, they all need one thing: access to your financial data. However, different apps require different sets of financial data. Loan apps, for instance, like QuickenLoans want balance information. Or consider personal finance managers, like Personal Capital, want all your accounts, all your transactions, investments and history. Payment apps, like Stripe, Venmo or Paypal, usually just need account and balance information for checking or savings accounts.
The Catch
Once you set up an account, an app will ask you for your userid and password to you bank. Now if you have accounts with multiple banks, they would like all your credentials. Once you give them your credentials, they will have access to everything you can access in online banking. That includes accounts, transactions, personal information, statements, taxes, loans, contracts, insurance. In a word, everything. From here on in, the horse is out of the barn. Or to put it another way, your data is now theirs and they are free to do with it what they will. So, how bad is it?
Points to consider:
#1: The scope of data exposed
When we say “becomes the property of” we mean that the fintech and the aggregator have now ingested your data and they can do with it what they please. They can aggregate it, sell it, rent it, feed it into big data analyzers, etc. Sure they promise to be good citizens and not expose your financial situation to others but in some cases that is the value of the whole exercise. Getting your data and sharing it in some form with other companies.
#2: you can’t control or limit what data, what accounts are shared.
Secondly, you can’t control which accounts are accessed by your financial app. Now some of you reading this may think no big deal and possibly you’re right. However, others might pause and realize they are exposing their childrens’ accounts, their business accounts and/or private trust accounts they were not expecting to get into the public domain.
#3: Aggregators sit in the middle. (Watch our Screen Scraping webcasts)
Thirdly, the fintech you sign up with has a contract with an aggregator whose function is to log into your bank on behalf of the fintech and scrape your data. They scrape, clean and then provide it to the fintech, keeping a copy for themselves, of course. Now there’s another company with access to your data. Another company you had no idea existed.
The Questions to Ask of Your Bank and the Financial App
- Where does my data go?
- Is my data handled securely?
- How safe is my data?
- Who has access to my data?
- Do they know it’s me?
- How well anonymized is my data?
- Am I protected or can my data be reverse engineered and put me at risk?
- Do I have any control or say in how my data is used?
- Who are you selling my data too?
- What are the buyers doing with my data?
Next up
It’s not all doom and gloom. In the next discussion we will discuss open banking and how the financial services industry is addressing consumers’ concerns.