JPMorgan Chase signs data sharing agreement with Envestnet Yodlee
JPMorgan Chase has signed a data sharing agreement with Envestnet Yodlee through which bank customers will be able to pull their account information into applications supported by the data aggregator and wealth management platform provider via a direct pipeline.
JPMorgan announced a similar agreement with another data aggregator, Plaid, in October 2018, and in January 2017 it reached a data sharing agreement with Intuit.
According to Envestnet Yodlee CEO Stuart DePina, his company has been in discussions with JPMorgan for well over a year, learning about the infrastructure needed to support the bank’s customers and the use cases that made sense for both companies’ customers.
“We do believe this type of agreement enables innovation to thrive in the digital banking arena and ultimately, helps consumers with improved site reliability, greater data access speeds, and improved consumer authentication and consent experience,” DePina said.
DePina declined to answer questions about the terms of the agreement, what data is being shared, how it will be secured or what the financial arrangement is between the two companies.
Wells Fargo, BBVA Compass, Citigroup, JPMorgan and Silicon Valley Bank are among the institutions that have signed agreements with data aggregators to share customer data through application programming interfaces.
Typically, banks sign contracts in order to let their customers link their existing bank accounts to popular apps customers want to use. They also make these deals because they loathe the practice of screen scraping, where an aggregator logs in with the customer’s user name and password and copies and pastes their account information each month. The banks say screen scraping is a fraud hazard because it can be hard to distinguish these robo logins from hackers. They also don’t want their customers giving out their user names and passwords to third parties. Some data aggregators say they add security to these logins by requiring one-time passwords, even if the bank doesn’t require them normally.
With this new agreement, Envestnet Yodlee is committing to send 100% of its data requests for JPMorgan customer data through the bank’s API, according to DePina. The two companies will use the Oauth authentication method to let the customer opt in to new services that require bank account data.
This deal is of note in part because JPMorgan CEO Jamie Dimon has previously said he would not allow the sale of any bank customer data to third parties. It’s been widely reported that Envestnet Yodlee sells data to hedge funds and others. Envestnet Yodlee said it only sells de-identified data analytics and insights to institutional investors, market research firms and investment research companies.
“We also firmly agree with Mr. Dimon that the sale of personally identifiable customer data is off limits and not something we are engaged in with our customers or partners,” DePina said.
This agreement enables JPMorgan customers to use more than 1,200 financial applications supported by Envestnet Yodlee with stronger security, improved data connectivity and greater reliability, DePina said.
“This will help our customers manage exactly who they give their information to, and understand how their information will be used,” Bill Wallace, head of digital at Chase, the U.S. consumer and community banking business of JPMorgan Chase, said in a press release. “They also can cancel that access anytime they want.”