Bank(ing) apps

Cableguy

Expert
Licensed User
Hi guys...

I recently came across some "banking management apps that, having no relation with my bank, asked me for my online credentials to retrieve data.
How do they do that?
Is there some "general" banking API?

I have an idea for an app that would profit from that mechanism... But don't even know where to start looking...
 

Daestrum

Well-Known Member
Licensed User
My bank makes it quite clear, if I give anyone my online credentials/pin number, the bank will not be responsible for any losses. If they obtain them via other means I am not liable for losses.
 

Cableguy

Expert
Licensed User
Thanks @ShaneG30, but that's only for USA.

Still it worried me that I couldn't find any "security" advisor/reference to validate the use as safe for the end user.

@Daestrum raised a very good point there.
 

José J. Aguilar

Expert
Licensed User
I use my bank APP (BBVA, it seems to be rewarded with the Forrester prize to the best app bank, and it's really good). From this app, I could connect with other banks, to see other accounts (If I'd had). You click in the option, they show a list of banks, and they ask fro you id and pin. Of course, you download a 1mb with terms and conditions.

There's another app here in Spain (I suppose not only here) announced in TV and it's FINTONIC (https://play.google.com/store/apps/details?id=com.fintonic)
You can read in their website some things they explain about security (https://www.fintonic.com/es-ES/soporte-ayuda/)
In "Security and Privacy" they say:

"Te registras con tu email habitual y con las claves de acceso de tu banco, son de lectura (con estas claves, ni tú ni nadie podrá operar o mover dinero)."
You register with your email and the access code from your bank, the access code is only-read (with this code, neither you not anybody can make operations or move your money"

They say too they can connect to bank thanks to Eurobits
"Gracias a Eurobits, líder en el sector de agregación de cuentas, los bancos se pueden conectar a Fintonic. Se requieren las claves de acceso de la entidad para agregar las cuentas."
 
Top