Does Plaid (soon to be Visa) have permission to collect and store transaction data for any purpose other than to pass it on to the actual application using Plaid? A lot of this reads like...
Does Plaid (soon to be Visa) have permission to collect and store transaction data for any purpose other than to pass it on to the actual application using Plaid?
A lot of this reads like handwringing over the fact that Plaid stores login credentials to log into and screenscrape banks, which is literally the whole point of Plaid.
If the banks actually had the OAuth flows to connect external tools that the EFF complains Plaid is impersonating, everybody would just use those and nobody would use Plaid.
Mildly related, but oh god banking infrastructure is fucking awful. Just as an example of how bad it is, to make an ACH transaction programatically... You upload a file via FTP to the bank's...
Mildly related, but oh god banking infrastructure is fucking awful. Just as an example of how bad it is, to make an ACH transaction programatically...
You upload a file via FTP to the bank's server. Yes, there's no HTTP API, nope you upload a file via FTP. Idempotency? What's that? And don't even get me started on the format of that file, or the size limitation...
Can confirm. I once started an implementation for this that the company I work for thankfully decided to abandon. Learning that I had to take this weird, old, messy, nonsensical data format, stuff...
Can confirm. I once started an implementation for this that the company I work for thankfully decided to abandon. Learning that I had to take this weird, old, messy, nonsensical data format, stuff it into a file, and FTP upload the damn thing? That was my first introduction to just how archaic and flimsy our financial infrastructure really is.
Does Plaid (soon to be Visa) have permission to collect and store transaction data for any purpose other than to pass it on to the actual application using Plaid?
A lot of this reads like handwringing over the fact that Plaid stores login credentials to log into and screenscrape banks, which is literally the whole point of Plaid.
If the banks actually had the OAuth flows to connect external tools that the EFF complains Plaid is impersonating, everybody would just use those and nobody would use Plaid.
Mildly related, but oh god banking infrastructure is fucking awful. Just as an example of how bad it is, to make an ACH transaction programatically...
You upload a file via FTP to the bank's server. Yes, there's no HTTP API, nope you upload a file via FTP. Idempotency? What's that? And don't even get me started on the format of that file, or the size limitation...
Can confirm. I once started an implementation for this that the company I work for thankfully decided to abandon. Learning that I had to take this weird, old, messy, nonsensical data format, stuff it into a file, and FTP upload the damn thing? That was my first introduction to just how archaic and flimsy our financial infrastructure really is.
Never. Again.
It's almost literally the digital equivalent of mailing a packet of receipts between banks.