For over two decades, companies have grappled with finding a safe way for consumers to share access to their financial data with fintech apps. On the other side of the equation, fintechs are looking for smart solutions to link consumers’ financial accounts to their apps so they can provide the products and services their customers want. 

Traditional methods of linking a consumer’s financial accounts are outdated, lack transparency, and give rise to significant security concerns. In the past, these methods were solutions to seemingly unsolvable problems. Data aggregators rose to the occasion and built tools and technology to allow companies to access consumer data, like OFX data streams, and, more commonly used, credential-based screen scraping.  

As consumers become more aware of these practices, their apprehensions about privacy and data security have grown, with only 50% remaining confident with their data privacy. This heightened awareness has led to drop-offs in the onboarding process, where consumers start to link a bank account with a new app but abandon it before completion. This results in lost potential customers and reduced revenue opportunities for fintechs. 

Credential-based screen scraping 

Screen scraping is a data access method where an aggregator logs into an online service, such as a financial institution’s digital portal, with a consumer’s login credentials as if they were the consumer. This is often accomplished by presenting consumers with webpages that closely resemble their financial institution portals. Bots, acting as agents for consumers, extract as much data as possible from the portal and scrape the displayed information. Aggregators then process and store this scraped data in their database, making it available for use by companies.  

Despite evolving and becoming more efficient over time, these technologies are still heavily reliant on consumer credentials, which can lead to issues with data security, negative user experiences, and high website traffic. Scraped data is also less reliable and prone to errors.   

However, the right solution now exists to enable consumers to link their financial accounts securely, safely, and efficiently. Access to personal financial data should only be granted with explicit consent from consumers, and they should have the ability to monitor and revoke that consent at any time. This is where Akoya steps in. 

Akoya's consumer-first approach 

Akoya offers API-based, permissioned data access to fintechs who need consumer financial data to power their products.  

Leveraging a process called OAuth, Akoya enables companies to link consumers' accounts and obtain their consent. OAuth is a widely adopted standard for obtaining delegated access to someone's information on another app. In recent years, the use of OAuth has become prevalent with companies like Google, Facebook, Microsoft, and Twitter using the technology to build the consent flows that link accounts to third-party apps. 

The OAuth standard ensures clear disclosures about the entity requesting access to consumer data, the type of data being requested, and empowers consumers to specify which accounts they want to share. It also provides a simple way to revoke this consent at any time, halting the data sharing process. 

linking_processExample: Akoya’s OAuth consent flow while linking accounts

Akoya has integrated this OAuth standard into financial institutions' data sharing practices and continues to advocate for this approach with more institutions across the U.S. 

With this secure mechanism in place, Akoya assists companies in using a consent-driven standard to seamlessly and securely link consumer financial accounts. This allows fintechs to concentrate on what matters: delivering exceptional experiences to their own customers. 

Unlike traditional aggregation, companies have reported various benefits from adopting Akoya's approach including: 

  • Enhanced user experience compared to screen scraping, with more reliable API connections. 
  • Reduced friction compared to traditional aggregators, leading to higher conversion rates thanks to no additional steps introduced in the consent flow. 
  • Improved performance through our modern tech stack, resulting in reduced latency compared to historical vendors. 
  • Ease of implementation supported by our comprehensive documentation and high-touch customer support team. 

With account linking managed by Akoya, companies can focus on other critical use cases that drive their business and the services they provide. To learn more, read about our approach to security, or contact us for more information. 

Looking forward 

Curious about other use cases that Akoya can help with? In future posts, we’ll explore: 

  • Instant account verification: Accelerate payments initiation by instantly retrieving validated consumers' account and routing numbers in compliance with the latest Nacha WEB debit rule. 
  • Account ownership validation: Mitigate account fraud risk by retrieving the consumer's customer profile on file with their financial institution and validating this information (such as first name, last name, mailing address, and phone number) against records. 
  • Financial accounts aggregation: Gain a comprehensive understanding of consumers' financial profiles by aggregating multiple accounts and making well-informed risk-based decisions.