June 25, 2024

The rise of secure data sharing: APIs vs. screen scraping

For over 20 years, the financial services industry has thrived on innovation fueled by data access. Consumers have embraced online tools and fintech apps to manage their finances in one place. This includes tasks like financial planning, budgeting, loan applications, investments, tax prep, and more. The value these services provide is undeniable, and data access has not only enabled their creation but also opened doors for underserved communities to access financial products and services they may not have been able to before. 

As data sharing between financial institutions, third-party applications, and data aggregators becomes more prevalent, secure and efficient methods for data exchange are crucial. While some still rely on screen scraping — a less secure practice — many banks and fintechs have adopted Application Programming Interface (API) based data access for its numerous benefits. 

APIs offer a safer alternative to screen scraping for accessing consumer information. Akoya champions 100% API-based connections for a more secure and consumer-friendly experience. 

Both screen scraping and APIs are methods for collecting data, but they go about it in very different ways and it’s important to understand the key differences.

The problem with screen scraping 

Screen scraping involves a third-party application logging into a consumer's online banking portal with the consumer's credentials. This exposes individuals and their financial institutions to a range of risks and provides little to no visibility into how data is protected or shared. Major screen scraping concerns include: 

  • Security risks: Consumer names and passwords are stored by unauthorized third parties, increasing the vulnerability to data breaches and unauthorized access. 
  • Lack of transparency: Consumers are often unaware that their data is being collected and shared through screen scraping. 
  • Data integrity issues: Websites may be slow to scrape, or block scraping altogether, leading to unreliable data. 

A safer alternative for banks and consumers: API-based data access 

APIs offer a secure and consumer-friendly alternative to screen scraping. APIs act as intermediaries between applications, allowing for data exchange without requiring consumer credentials to be shared and/or stored at any point. This approach provides several advantages: 

  • Enhanced security: Consumer credentials are never shared with third-party applications, significantly reducing the risk of data breaches. 
  • Increased transparency: Consumers have clear control over what data is shared and with whom. 
  • Improved data integrity: APIs provide reliable and consistent data access, eliminating scraping slowdowns and website blocking issues. 

Akoya's commitment to API-based access 

Akoya eliminates the risks associated with screen scraping and provides a safe, secure, and transparent way for consumers to provide access to their financial data. Akoya replaces screen scraping with 100% API connections, enabling individuals to share their data with fintech apps using their financial institution’s existing online portal.  

This removes the need for login information to be held and stored by anyone else. Additionally, Akoya provides a simple way for people to grant, modify, or revoke access to their financial data at any time. Here's how it works: 

  • Consumer consent: Consumers directly enter their login credentials with their bank and explicitly grant permission for data access with a specific third-party application. 
  • Secure connections: Akoya manages all third-party connections on behalf of the bank, ensuring secure communication. 
  • Token-based access: After consumer authentication, Akoya utilizes tokens instead of credentials. These tokens can be revoked by the consumer at any time, providing granular control over data access. 
  • Passthrough model: Akoya never stores or exposes login credentials or unauthorized data. Only permissioned data is passed through a single integration point. 

This approach offers a secure, scalable, and consumer-centric solution for data sharing in the financial sector. By prioritizing security and control, Akoya empowers consumers and institutions to leverage the power of data sharing with confidence. 

To learn more about Akoya's commitment to secure data sharing, explore our approach to security or contact us for further information. 

Learn more about Akoya’s 100% API-powered products here.  

Topics: Blog

Related articles headline.

Blog

Reducing complexity in Open Banking regulatory compliance

With the issuance of the CFPB 1033 final rule in late October 2024, the countdown toOpen Banking compliance has.

Blog

How Akoya’s managed services help ensure CFPB 1033 rule compliance

Financial institutions have begun their efforts to comply with the Consumer Financial Protection Bureau’s Section 1033.

Blog

Final CFPB 1033 rule: Challenges and opportunities for financial institutions

In our webinar, "It’s time to act. Prioritize CFPB 1033 compliance for your customers," Open Banking experts from Akoya.