We have strategically partnered with leading data aggregators like Mastercard’s Finicity, Plaid, Akoya, and Yodlee to provide you and your accountholders with increased security, visibility, and control over their financial data.
New fintech tools are being released every day, and users are connecting their financial accounts to apps like Acorns, Robinhood, and Venmo to manage their money.
Finicity, Plaid, Akoya, and Yodlee are all data aggregation services that thousands of fintechs use to link to your users’ accounts quickly and securely by logging in on their behalf. When a user logs into an app on one of these networks for the first time, they are prompted to connect their financial accounts. These services step in as the middle-man, prompting the user to select your financial institution as the account host and enter their digital banking login credentials.
Without an API connection, it’s very risky for people to enter their banking credentials somewhere other than with you. Since we can’t control what users do, we’re integrating with these services via API connection, so we can gain control over the process, increasing the overall security and experience of connecting accounts.
Integrating with Finicity, Plaid, Akoya, and Yodlee allows us to use tokenization – a method of taking a user’s credentials and exchanging them into a secure “token” that does not outwardly expose any information about the user except for their username. Once a connection is established, this token allows the service to act on behalf of the user to pull real-time financial information from their financial account into their favorite fintech apps. By using tokenization, these services will not store usernames and passwords, and their access is limited to read-only.
Direct integration with these services increases both your visibility and the user’s visibility into who is accessing their account. Without integration, it’s very difficult to tell the difference between a sign-in from a user and a sign-in from a data aggregation service. This seamless integration will give you the ability to know exactly when a service is logging in on behalf of a user. And your accountholders will be able to manage which apps they’ve shared their financial data with – directly within your digital banking experience.
Without a direct integration, data aggregators rely on “screen-scraping” to read the data in a user’s account. Any updates or changes to the digital banking interface can cause the connection to break, because these services are using their best guess as to where data is located on the screen. By integrating with these services through our API, we’re forming a direct connection, so the transfer of data is fast and accurate, and most importantly – secure.
Data aggregation services often use micro-deposits to help validate a user’s account. This can often take several days. This integration will eliminate the need for micro-deposits and provide instantaneous account verification. This also paves the way to speed up the digital account opening processes from taking days to taking minutes, increasing your account opening success rates.
This functionality will cost you nothing, and it will automatically be enabled – unless you opt out. This means you’ll have “zero-lift” and “zero-cost” access to each of our partners’ networks, giving your users the ability to connect more securely and efficiently with thousands of financial tools they’re already using.
Remember that users can still connect their accounts without this integration enabled, sacrificing the security this partnership brings. While it’s your choice to disable this functionality, we highly encourage you to keep it on and reap the benefits.
We know you have questions. We want to answer them.
The most secure scenario would be for an accountholder to be the only one who can access their account. That said, users are connecting their financial accounts with or without our integration to these data aggregators. The security benefit of this integration lies in something called an API token – the most secure way to provide authentication credentials on the internet today – where users’ credentials are stored within a “token” that does not expose their details.
We use an open security standard called OAuth 2.0 and OpenID Connect – meaning any other platform that supports this standard can easily and securely integrate with our platform. If one of these services does not support this standard on their own, our integration with them creates a secure bridge between our own security protocols and theirs, providing an additional layer of security that’s up to our standards.
Increased visibility is another security benefit of these strategic integrations. Logins through a data aggregation service will display in Banno Activity and you’ll know that it’s the service – not the user – who is logging in. And for your accountholders, this integration also allows users to manage which apps they’ve shared their financial data with directly in Banno Online.
Absolutely. When the user authenticates their account within an app that uses Finicity, Plaid, Akoya, or Yodlee, any login protocols you have in place still apply. And none of those credentials are passed on to anyone, since an API token is given to the service instead.
No, however we highly recommend utilizing these integrations, and they are enabled by default at zero cost to you. Opting out won’t change the fact that accountholders can still use these services to connect back to your financial institution – this integration just adds additional layers of security and an improved experience.
Users will have a smoother, faster experience in connecting their accounts with less chance of the connection breaking down the road. Truthfully, the changes on the surface may not even be noticed by users, and often they aren’t even aware that these services exist or how the account connection process works – they just know (and expect) that it does. Behind the scenes, accounts will be kept much more secure.
It’s up to you whether you communicate this change with your accountholders. They may not even realize that anything has changed. That said, this integration can help position you as a technology – embracing financial institution who cares about helping users connect to the apps they love. Their connections will be more seamless and more secure. Users may also want to know that they will now have more visibility into which services they’ve connected their account to – right within digital banking.
Development is currently underway to bring these integrations to every financial institution using Banno. We’ll keep you posted when they become available.
We’re happy to bring integrations with Finicity, Plaid, Akoya, and Yodlee to you at zero-cost and zero-lift.
These are just some of the industry leaders we’re working with that connect seamlessly with Banno. Integrations are the future of banking, and we’re proud to work together with companies like Autobooks and Alloy.
Let's talk about what this could look like for your financial institution.