
Why We Don't Connect to Your Bank (And Why That's a Feature)
Every finance app wants your bank login. It is the default pitch: "Connect your accounts for automatic tracking!" It sounds convenient. And for many people, it is.
But convenience has costs. And in the world of personal finance data, those costs are becoming harder to ignore.
How Bank Connections Actually Work
When you "connect" a bank account to a finance app, here is what typically happens behind the scenes:
- You enter your bank credentials (username and password) into the app.
- The app passes those credentials to a data aggregator (companies like Plaid, Yodlee, or Finicity).
- The aggregator uses your credentials to log into your bank and scrape your account data.
- That data is passed back to the app, sometimes stored by the aggregator as well.
In some cases, newer API-based connections avoid credential sharing. But the majority of connections, especially for smaller banks and credit unions, still rely on the credential-passing model.
The Privacy Problem
The Plaid Litigation
In one of the largest fintech privacy cases, a class action lawsuit against Plaid alleged that the company:
- Created login screens that mimicked bank interfaces, making users think they were entering credentials directly with their bank
- Collected more financial data than users authorized or apps needed
- Stored detailed transaction histories that went beyond what was necessary for the connected service
The case covered a period from January 2013 through November 2021 and resulted in a settlement. While Plaid has since updated its practices, the case highlighted a fundamental tension: when you share credentials with one company, you may be sharing data with many.
Ongoing Data Concerns
In November 2024, a lawsuit reported by American Banker accused several companies of collecting and sharing sensitive personal and financial information without consent, including the use of data aggregators to gather bank account data and AI analysis of conversations and account data.
These are not hypothetical risks. They are documented legal proceedings.
The Reliability Problem
Even setting privacy aside, bank connections are fragile:
- Multi-factor authentication breaks syncs: Banks frequently update their security, requiring you to re-authenticate every few weeks.
- Connections drop silently: Your app might show stale data for weeks before you notice.
- Not all institutions are supported: International banks, crypto exchanges, and smaller financial institutions often lack aggregator coverage.
- Broken connections erode trust: When your "automatic" tracker stops working, you end up doing manual updates anyway, but with a worse interface than a purpose-built manual tool.
The Regulatory Response
Regulators have noticed these issues. In October 2024, the Consumer Financial Protection Bureau (CFPB) finalized its "Personal Financial Data Rights" rule under Section 1033 of the Dodd-Frank Act.
As Reuters reported, the rule establishes that "a company that ingests a consumer's data can use the data to provide the product or service the consumer asked for, but not for unrelated purposes the consumer doesn't want."
The rule pushes financial institutions toward secure API-based data sharing and away from credential-based scraping. It is a step in the right direction. But it also confirms that the current system has problems worth addressing.
The Alternative: Manual-First Tracking
There is a simpler approach. Instead of sharing your credentials with third parties and hoping the connections stay stable, you can enter your balances yourself.
This is not a step backward. It is a deliberate design choice.
What You Gain
- Zero credential exposure: No bank logins shared with anyone. Period.
- No broken connections: There is nothing to sync, so nothing breaks.
- Universal coverage: Track any asset type, any bank, any country. If it has a value, you can track it.
- Data ownership: Your data lives where you put it, not scattered across aggregator databases.
- Monthly financial check-in: The 5-minute update becomes a feature. It is the moment you actually look at your finances, spot trends, and catch issues.
What It Costs
About 5 minutes per month. That is the honest tradeoff.
Why We Built MyMoneyViz This Way
When we started building MyMoneyViz, the easy path was to integrate Plaid and offer automatic syncing. Every competitor does it. Users expect it.
But we kept coming back to the same questions:
- Do we want to be responsible for storing bank credentials?
- Do we want to depend on third-party aggregators that have been sued for data practices?
- Do we want our users' experience to break every time a bank updates its security?
The answer was no.
Instead, we built a fast, purpose-built interface for manual tracking. You enter your balances in a spreadsheet-style interface that supports 13+ asset types. You get beautiful visualizations, allocation breakdowns, goal tracking, and historical analysis. We send monthly reminders so you never forget to update.
Everything that makes a finance app useful, minus the part where you share your bank credentials.
When Bank Connections Make Sense
We are not saying bank connections are always wrong. They make sense when:
- You have very simple finances (one bank, one brokerage, all domestic)
- You update your finances daily and need real-time transaction data
- You are primarily tracking spending rather than net worth
- The convenience genuinely outweighs the privacy tradeoff for your situation
For everyone else, especially people with assets across multiple platforms, international accounts, alternative investments, or simply a preference for privacy, manual-first tracking is worth considering.
The Bottom Line
The most secure financial data is data that was never shared. No aggregator can leak credentials you never gave them. No connection can break if there is no connection.
Privacy-first finance is not about doing more work. It is about doing the right kind of work: a brief, intentional monthly check-in with your complete financial picture, on your terms, with your data staying exactly where you put it.