Plaid provides the technology that enables consumers to connect their financial accounts to apps and services. In some cases during this connection process, Plaid may require a numeric One-Time Passcode (OTP). We send this OTP as an additional security measure to help prevent unauthorized users from successfully linking your financial account(s) to financial apps and services.
If you received an email with a code from Plaid (sent from email@example.com) that you did not request, it could mean that someone is attempting to use your financial institution credentials without your permission. We recommend taking the following actions to secure your financial institution account, your financial app or service account, and your email account.
Do not share the code you’ve received
Plaid Support will never contact you requiring that you provide this OTP over a phone call, text, or email in order to complete your app connection. Do not share this code with anyone who asks for it.
Check for unauthorized activity & contact your account providers
Check for any unauthorized activity (like transactions or transfers) on the financial institution and/or financial app referenced in the email you received. If you see anything unusual, contact the financial institution and/or financial app directly to address the issue.
Additionally, while receiving an unexpected OTP email from Plaid does not necessarily indicate unauthorized access to your email account, be sure to monitor any recent security notifications sent by your email provider about new sign-ins. Most email providers also allow you to review any “trusted devices” that are saved to that account to make sure you recognize them, and you can then cut off access to individual devices you don’t recognize.
Change your passwords
We also recommend that, as a precaution, you change your passwords for:
- The financial institution referenced in the OTP email
- Any financial app or service referenced in the OTP email
- Your email account
- Any other account that uses the same password
Use strong, unique passwords for all of your accounts. See our article on personal security for guidance on selecting a strong password and additional best practices for preventing fraud.
When to contact Plaid
The OTP email you received from Plaid may contain a “support ID” at the bottom of the email - this code is an identifier that’s unique to the connection attempt referenced in the email and is made up of both numbers and letters (i.e. alphanumeric). By providing this support ID to our team, we can help in two primary ways:
- If your OTP email does not indicate the financial app or service involved, our team may be able to help you find those details. If both the financial institution and the financial app/service are already provided, there is no need to reach out to us at Plaid - just continue working directly with those parties.
- If you suspect that data from your financial institution was shared with Plaid, we may be able to help delete that financial data from our systems.
To submit a request with our Support team, click here and provide your unique alphanumeric “support ID.”