Most people these days log into their bank’s website to view balances and transactions. The bank gives you a key – your username and password – to access your account. This is fairly secure because only two parties know about the keys – you and your bank.
But, what if you have accounts at multiple banks? It would be cumbersome to have to log into each bank one at a time to view your transactions. For convenience, you might decide to use a service like Personal Capital to log into your banks, retrieve the transactions, and combine them into a complete financial picture. Much easier! But, now you’ve given your keys to a third-party. You’ve increased the risk that your keys will be stolen simply because one more party knows about them.
What if I told you there is actually a fourth party involved? Yodlee and Plaid are two examples of aggregation API providers. These companies act as middlemen between Personal Capital (and others*) and your banks. When Personal Capital retrieves your account information, it actually sends your keys over to Yodlee. Yodlee then does the actual work of logging into your banks and retrieving your transactions. It then sends the information back to Personal Capital to be massaged and presented to you in a useful way. Yodlee provides the same service to other companies besides Personal Capital. This means Yodlee manages millions of keys making them an attractive target to hackers.
Data sharing is another concern. Do these fourth-party aggregators share or sell your data to other companies? In short, maybe. In 2015, the Wall Street Journal called out Yodlee for selling data. Yodlee may have since cleaned up its act, but what about other aggregators? Are these companies creating partnerships with other financial institutions to provide data for targeted marketing? Companies are legally supposed to ask for your consent before sharing your data, but how often do you really understand what you’re agreeing to online?
Imagine you rent a room at a storage facility. You have the keys, so you can go and open the room anytime you want to check on the contents. But, what if you decide to split the contents of that room up among several different storage facilities. Your inventory checks suddenly become more painful. Instead of having to personally drive to each facility, you decide to hire a company, Jim’s Inventory Service, to check on your stuff. You give Jim your keys and anytime you ask, he’ll drive over, unlock the rooms, and drive back, presenting you with a gorgeous report on the state of the contents. You don’t really know much about Jim, but he has a lot of customers, so he seems safe.
Now imagine Jim decides he’d rather not deal with handling everyone’s keys and keeping track of access rules at different storage facilities. All Jim wants to do is wow you with his beautiful inventory reports. So he hires another company, Bob’s Unlock Service, to do the legwork between all the storage facilities. Now when you want a report of what’s in your storage rooms, you hand the keys to Jim, he hands the keys to Bob, and Bob drives around unlocking all the rooms at the various facilities so he can report back to Jim. Jim then constructs a fancy pie chart summarizing what was found and presents it back to you.
On the surface, this might seem like a great arrangement. Through specialization and division of labor, both quality and speed of service have improved. Jim’s reports keep getting fancier and Bob’s efficiency at unlocking doors is unmatched.
But, what about security? Now your keys are passing through several hands. You’re pretty sure you trust Jim, but you don’t really know about Bob. But Jim trusts Bob. It’s probably okay, right?
What if Bob is robbed? A man holds Bob at gunpoint and steals all his keys. Remember, not only does Bob have your keys, he has every key that belongs to Jim’s customers. Not only that, Bob contracts with several other inventory services besides Jim. The holdup man now has all of those keys as well. Because Bob controls so many keys, he becomes a more desirable target to thieves. Why rob Jim and get a few thousand keys, when I can rob Bob and get millions of keys? By giving your keys to Jim, and Jim giving your keys to Bob, you’ve exposed your self to much more risk than you may have realized.
* Personal Capital is one of many services that use these fourth-party data aggregators. For example, YNAB and Betterment also use aggregators. Mint and Quicken, two other popular personal financial services, are both owned by Intuit and use an internal aggregator.