Skip to main content

Secure Data Connection

Take back control of account connection

We have strategically partnered with leading data aggregators like Akoya, Mastercard’s Finicity, Intuit, MX Technologies, Plaid, Stripe, Visa Open Banking Solutions, and Yodlee to provide you and your accountholders with increased security, visibility, and control over their financial data.

Data aggregation flowchart

What is a data aggregator?

A fast and secure way to connect with financial tools

New fintech tools are being released every day, and users are connecting their financial accounts to apps like Acorns, Robinhood, and Venmo to manage their money.

Thousands of fintechs use these data aggregators to link to your users' accounts quickly and securely by logging in on their behalf. When a user logs into an app on one of these networks for the first time, they are prompted to connect their financial accounts. These services step in as the middle-man, prompting the user to select your institution as the account host and enter their digital banking login credentials.

Paypal app logo Pillar app logo Venmo app logo Acorns app logo
Personal Capital app logo Coinbase app logo Betterment app logo Prosper app logo
Robinhood app logo Qapital app logo Drop app logo Copilot app logo
TrueBill app logo Digit app logo YNAB app logo Square Cash app logo

Why are we integrating with data aggregators?

API-connection improves security, speed, reliability, and visibility

Behavior follows desire. And users want account connection between their financial apps. That's why screen scraping has become so common from services like these data aggregators. The practice of screen scraping by third-party fintechs solved a desire held by accountholders: a way to aggregate specific information from all of their accounts for easier money management. But the practice of screen scraping means handing over your login credentials to a third-party and allowing them to log in on a user's behalf, with no user control over which information is shared. Sound preposterous? It is. And Jack Henry solves this in a better way.

New regulation from the CFPB around screen scraping is being proposed, and many in the industry are hoping for more time to be able to meet new requirements. Jack Henry has known screen scraping to be a security threat for a long time, so we didn't wait for outside regulation to do the right thing and get started solving the problem.

Jack Henry has done the hard work to build partnerships on your behalf with all of the major data exchange platforms. We're proud to say that we've completely replaced in-bound screen-scraping with direct API connection to easily and securely share only relevant data from user accounts to share with third-party fintechs of the user's choice.

Mobile device showing Stripe asking to connect to a users bank

Security

Integrating with these data aggregators allows us to use tokenization – a method of taking a user’s credentials and exchanging them into a secure “token” that does not outwardly expose any information about the user except for their username. Once a connection is established, this token allows the service to act on behalf of the user to pull real-time financial information from their financial account into their favorite fintech apps. By using tokenization, these services will not store usernames and passwords, and their access is limited to read-only.

Visibility

Direct integration with these services increases both your visibility and the user’s visibility into who is accessing their account. Without integration, it’s very difficult to tell the difference between a sign-in from a user and a sign-in from a data aggregation service. This seamless integration will give you the ability to know exactly when a service is logging in on behalf of a user. And your accountholders will be able to manage which apps they’ve shared their financial data with – directly within your digital banking experience.

Reliability

Without a direct integration, data aggregators rely on “screen-scraping” to read the data in a user’s account. Any updates or changes to the digital banking interface can cause the connection to break, because these services are using their best guess as to where data is located on the screen. By integrating with these services through our API, we’re forming a direct connection, so the transfer of data is fast and accurate, and most importantly – secure.

Speed

Data aggregation services often use micro-deposits to help validate a user’s account. This can often take several days. This integration will eliminate the need for micro-deposits and provide instantaneous account verification. This also paves the way to speed up the digital account opening processes from taking days to taking minutes, increasing your account opening success rates.

How do you get access?

No lift and no cost

This functionality will cost you nothing, and it will automatically be enabled – unless you opt out. This means you’ll have “zero-lift” and “zero-cost” access to each of our partners’ networks, giving your users the ability to connect more securely and efficiently with thousands of financial tools they’re already using.

Remember that users can still connect their accounts without this integration enabled, sacrificing the security this partnership brings. While it’s your choice to disable this functionality, we highly encourage you to keep it on and reap the benefits.

Learn more about security in Banno

 

Photo of someone holding a phone

FAQs

We know you have questions. We want to answer them.

The most secure scenario would be for an accountholder to be the only one who can access their account. That said, users are connecting their financial accounts with or without our integration to these data aggregators. The security benefit of this integration lies in something called an API token – the most secure way to provide authentication credentials on the internet today – where users’ credentials are stored within a “token” that does not expose their details.

We use an open security standard called OAuth 2.0 and OpenID Connect – meaning any other platform that supports this standard can easily and securely integrate with our platform. If one of these services does not support this standard on their own, our integration with them creates a secure bridge between our own security protocols and theirs, providing an additional layer of security that’s up to our standards.

Increased visibility is another security benefit of these strategic integrations. Logins through a data aggregation service will display in Banno Activity and you’ll know that it’s the service – not the user – who is logging in. And for your accountholders, this integration also allows users to manage which apps they’ve shared their financial data with directly in Banno Online.

When the user authenticates their account within an app that uses any of these data aggregators, any login protocols you have in place still apply.

No, however we highly recommend utilizing these integrations, and they are enabled by default at zero cost to you. Opting out won’t change the fact that accountholders can still use these services to connect back to your financial institution – this integration just adds additional layers of security and an improved experience.

Users will have a smoother, faster experience in connecting their accounts with less chance of the connection breaking down the road. Truthfully, the changes on the surface may not even be noticed by users, and often they aren’t even aware that these services exist or how the account connection process works – they just know (and expect) that it does. Behind the scenes, accounts will be kept much more secure.

It’s up to you whether you communicate this change with your accountholders. They may not even realize that anything has changed. That said, this integration can help position you as a technology – embracing financial institution who cares about helping users connect to the apps they love. Their connections will be more seamless and more secure. Users may also want to know that they will now have more visibility into which services they’ve connected their account to – right within digital banking.

Development is currently underway to bring these integrations to every financial institution using Banno. We’ll keep you posted when they become available.

We’re happy to bring integrations with these data aggregators to you at zero-cost and zero-lift.

Integrations

We’re committed to partnering with companies that work for you

These are just some of the industry leaders we’re working with that connect seamlessly with our digital banking platform. Integrations are the future of banking, and we’re proud to work with fintechs that help bring specialized solutions to you and your accountholders.

Explore Jack Henry partners

Mastercard logo Alloy logo Akoya logo Stripe logo Autobooks logo Plaid logo Intuit logo Yodlee logo Yodlee logo Yodlee logo

Switch to a better platform

Let's talk about what this could look like for your financial institution.

Connect With Us