alt Hacker NewsI'm not that familiar with Plaid, but if it works like Yodlee, users have to hand over their credentials so there's no real security, it's just that their scraper is designed to be look not touch.
Replies
fsckboy • yesterday at 11:23 PM
the question isn't whether the user is trusting Plaid with too much access, the question is whether Plaid is trusting these apps with too much.
Plaid has OAuth-based access for most of the big institutions now, but yes, for smaller institutions, they do scraping. Thankfully, Plaid's been around for a while now and has a good track record. It would be a non-starter to give your credentials to a small startup directly.