An app may connect to your financial accounts in multiple ways which determine where you provide your login credentials. Regardless of which type of connection is made, we do not share your financial information with the app or service you are trying to connect to without your permission, and we never share your credentials with the app or service either.
Using login credentials
- OAuth and API - Plaid does not store account credentials
-
- OAuth (Open Authentication) is an industry-standard protocol for authenticating and granting access to data to third party applications. With OAuth, you will be redirected to your financial institution’s website where you can directly input your login credentials. After that, your financial institution will provide Plaid with access through a secure token. Plaid then retrieves and provides the financial data that you’ve agreed to share with the app you’re using.
- Your financial institution may use an API solution that provides Plaid with a type of security identifier. In this case, you will be asked to provide your bank account login credentials directly within Plaid’s authentication flow and Plaid will securely connect to your financial institution without storing your credentials.
-
- Non-OAuth - Plaid has access to and stores account credentials
-
- In some instances, you may be asked to authenticate and grant access to your financial data by providing your bank account login credentials directly to Plaid. We store those credentials and use them to collect the data to power the services you’ve chosen and, when requested, securely share it with the app you’re using and establish a secure connection that you control. We then help keep your data safe and private with best-in-class encryption protocols. For more information on how we use your data, please refer to our End User Privacy Policy.
- There are many reasons for the non-OAuth connection type to exist, one of which might be because your financial institution is currently in the process of migrating to the OAuth experience.
-
Using routing and account numbers
In this case, you would be asked to provide your routing number and account number directly to Plaid during the account connection process. Plaid will then either verify your account details immediately or send micro-deposits to your account for manual verification which could take one to two business days.