NEW YORK—The uneasy relationship between banks and companies that use their data to provide personal finance services has shown signs of fraying in recent months, causing some frustrating disruptions in service to people trying to track their spending.
Who knew keeping tabs on your monthly coffee budget could be so contentious?
Personal finance web sites and apps that can provide a way for users to monitor their finances across all of their banks and credit cards have become popular because they give users an almost real-time view of their financial lives in a way that was impossible a few years ago. Mint, a personal finance service is owned by Intuit, has 2.5 million daily users. BillGuard, which monitors for fraudulent transactions, has 1.3 million users and was bought by the lending company Prosper earlier this year.
But these sites and apps depend on data from all of each user’s financial institutions, data that is extremely sensitive and extremely valuable for marketing financial products.
JPMorgan Chase and Bank of America said they temporarily cut or slowed down the amount of data they are providing to sites like Mint.com on a few occasions recently. While Capital One still allows customers to access their data on these services, the bank offers a stern warning that it is not “liable for any resulting damages or losses” if a customer’s data is breached at one on one of those services.
The banks say the reason for the disruptions is technical. The personal finance sites strain the banks’ computer systems, the banks say, because the millions of Mint users ping Chase or BofA constantly for recent transactions, deposits and other data. That leaves them a choice between providing services to these aggregators and keeping their own websites up and running.
The banks are uncomfortable with the personal finance services for other reasons, however. A few banks have admitted that they have failed to deliver comprehensive financial management tools to their customers, allowing these sites to flourish. And they say they are worried that these third-party sites could expose customer log-in data and financial information to cyber-criminals.
“Aggregators potentially sit on a treasure-trove of financial information on customers. Oftentimes they will have credentials that would give access to every one of the customers’ financial relationships,” said Doug Johnson, a payments and cybersecurity expert at the American Bankers Association.
Banks and other companies have long struggled to keep third-party service providers from exposing their customers’ financial information. Just this week, federal authorities brought charges against three people from an outside provider who stole consumer data from JPMorgan Chase & Co. Cyber-criminals tapped into third-party systems to pull off high-profile thefts of customer data from Target and Home Depot in recent years.
This isn’t the first time an industry has tried to deny data aggregators access to customer information. Some airlines have cut off services like AwardWallet, which aimed to allow users to track all of their frequent flier programs in one space.