A data deal between Wells Fargo and Intuit made public Friday could be another step toward large banks' sharing customer information with fintechs and aggregators.
In the second half of this year, the estimated million or so Wells Fargo consumers who use QuickBooks Online, Mint, or TurboTax Online will be able to opt in to have their bank account data automatically fed into those programs through application programming interfaces.
The announcement comes about a week after JPMorgan Chase revealed a similar deal with Intuit and eight months after Wells Fargo completed a similar agreement with the accounting software provider Xero.
The goal of all of these deals is the same: to provide a more secure, standards-based way of giving customer data to third-party software providers and data aggregators like Intuit and Yodlee. It’s an alternative to screen scraping, the common practice in which consumers share their online banking usernames and passwords with third parties, which then log in as them to “scrape” their account information from the bank’s site.
Data aggregators have accused banks in the past of blocking this activity. Banks have countered that screen scraping is insecure and a strain on their online banking servers. Consumer advocates argue that the whole industry needs to come to some agreement on this issue, to help give consumers control of their data.
Wells Fargo, which has assets of $1.9 trillion, is using open standards to share data, said Brett Pitts, head of digital for Wells Fargo Virtual Channels. Specifically, it’s using the OAuth 2.0 standard for token-based authentication and authorization on the internet.
Although Pitts did not share the specific API standard Wells is using with Intuit, the bank is not using the Open Financial Exchange 2.2 API standard JPMorgan is using. Instead, he said it is using open API standards with published specs that are easily consumable by partners.
JPMorgan’s method has drawn some mixed reaction from observers. On one hand, partnerships are viewed as a positive for customers and their data. On the other, one-off deals are viewed as not being conducive to the creation of a larger ecosystem of data portability.
“We do think the emergence of these bilateral partnerships is a good first step towards a more secure and reliable data sharing environment,” said Beth Brockland, managing director at the Center for Financial Services Innovation in Chicago. “We've simply been saying that additional industrywide coordination will be needed to ensure that small institutions and startups can also participate.”
Brockland, along with Jennifer Tescher, CFSI’s chief executive, wrote a BankThink post recently about the need for data-sharing standards.
Pitts said he agrees with CFSI’s stance.
“To the degree we all take similar approaches, it will be easier for everybody to adopt,” Pitts said. “I’m happy when we make these kinds of announcements and I’m happy when I see them elsewhere. It’s most effective if everybody is able to adopt the standards. It’s hard to be scalable if there are thousands of point-to-point solutions.”
Overall, Pitts said, the bank is aiming to give customers visibility and control over how their data is used.
The Wells Fargo-Intuit deal has been in the works for more than a year.
“We’ve been a business partner with Intuit for well over a decade,” Pitts said. “We’ve been talking with them about this space and the needs of our joint customers for the past couple of years generally.”
More concerted effort and specific negotiations and proof of concept work took place throughout 2016, and agreement was reached recently.
“The most important thing for us was to make sure we were setting this stuff up the right way, keeping customers in the middle, and taking a modern, robust, scalable approach to this,” Pitts said.
Wells Fargo has been working on an infrastructure for its open APIs called the Wells Fargo Gateway Channel developer portal for the past year. In addition to third parties like Xero and soon Intuit, commercial customers are using the gateway to integrate their Wells Fargo account data with their own enterprise resource planning and accounting systems.
It has been important to the company to take a big-picture approach to open APIs, rather than point solutions, Pitts said.
Pitts also pushed back at the notion that banks have avoided open APIs in order to constrain their data.
“Our intention and tone is not self-protective, it’s not about how can we maintain proprietary data, it’s not about throttling or trying to control access,” he said. “It’s about, how do we do this in a way that enables us make Wells Fargo data portable in a secure way.”