Plaid is a well know and "safe" way to link your bank account to allow third parties (typically money tranferers like exchanges and Venmo) to transfer money to and from your bank account. To do so, you need to give your username and password of your bank account to Plaid on behalf of the money tranferer (they never see it, Plaid does).
Plaid claims to encrypt it and store it safely, and as far as I know nothing has happened thus far. In some cases, just the initial "linking" gives them enough access they never actually need the password anymore, and you can in fact change it and they still can access your account.
It is built with good intensions, but the road to hell is built on good intentions. It is a very poor breach of personal security and I refuse to ever take part in it, but it is becoming harder to avoid as more and more parties are using it under the promise it is safe.
I haven't been required to use it, but it is 10x easier to use it. I avoid it.
Bittrex for example now uses it.
Their argument is routing and account number isn't enough proof that you own the account. It also makes it 10x harder to get your money out. Win Win for them.
Plaid is a well know and "safe" way to link your bank account to allow third parties (typically money tranferers like exchanges and Venmo) to transfer money to and from your bank account. To do so, you need to give your username and password of your bank account to Plaid on behalf of the money tranferer (they never see it, Plaid does).
Plaid claims to encrypt it and store it safely, and as far as I know nothing has happened thus far. In some cases, just the initial "linking" gives them enough access they never actually need the password anymore, and you can in fact change it and they still can access your account.
It is built with good intensions, but the road to hell is built on good intentions. It is a very poor breach of personal security and I refuse to ever take part in it, but it is becoming harder to avoid as more and more parties are using it under the promise it is safe.
It just makes no sense, what company is requiring you to use this service?
This is the reason bank accounts have an account # and routing # so you don't have to give anyone your bank account login info...
I haven't been required to use it, but it is 10x easier to use it. I avoid it.
Bittrex for example now uses it.
Their argument is routing and account number isn't enough proof that you own the account. It also makes it 10x harder to get your money out. Win Win for them.
yeah that is crazy, these corporations just try to make it as difficult as possible for people to move their money around...