Data

How JPMorgan is pushing back against fraud in fintech

  • JPMorgan wants to make it easier for customers to use fintech apps -- something JPM excelled in long before the rest of the industry embraced legacy-startup collaboration
  • JPMorgan and Wells Fargo are leading the push against screen scraping, the more common way for companies to access customer data
close

Email a Friend

How JPMorgan is pushing back against fraud in fintech
The market for consumer fintech apps may be a little saturated, but if customers want to use them, JPMorgan is going to let them -- if it’s safe. On Tuesday, the U.S. banking giant announced an API-sharing agreement with the Utah-based data aggregator Finicity, in which the bank would push customer data to Finicity through an application programming interface that would be shared with its various clients, digital lending and personal financial management apps of interest to Chase customers. “Our customers really want to use these financial apps and they do use them a lot,” said Trish Wexler, a spokeswoman for JPMorgan Chase. “We want them to find a safe, secure and private way for them to be able to do that without having to hand over their bank password. We think using a tokenized method -- instead of having an aggregator come in and screen scrape a customer’s full accounts -- is a safer and more private way to do that.” Screen scraping is the most common way for companies to access customer data. When customers log into third-party sites or apps with their bank credentials, their sensitive information gets “scraped” by the company and stored for re-use. That way, the company can log into the bank account as the customer in order to retrieve account data as necessary. That makes any possible breach of the fintech app a breach of the bank account. Fraud is often a bigger problem for the bank than the customer; customers can usually rest assured the bank will investigate the transactions and return the funds to their accounts. But in a world where customers are sharing data carelessly and frequently in almost everything they do, they’re vulnerable to more extreme consequences of identity fraud. It’s hard to make them care about that. “It’s clear that when there’s a screen on a new app doing a refresh that says ‘click here to accept new terms of the agreement’ both of us would raise our hand and say yeah, I didn't read that,” Wexler said. “It’s like leaving your keys on front door and walking away.” This is JPMorgan’s second such agreement. At the beginning of the year, it formed a similar one with Intuit, in which it would share data on its customers that sign up for Intuit products and services -- QuickBooks, TurboTax and Mint. “For years, we have been describing the risks – to banks and customers – that arise when customers freely give away their bank passcodes to third-party services, allowing virtually unlimited access to their data,” JPMorgan CEO Jamie Dimon said in his annual letter to shareholders earlier this year. “Customers often do not know the liability this may create for them, if their passcode is misused, and, in many cases, they do not realize how their data are being used. For example, access to the data may continue for years after customers have stopped using the third-party services.” JPMorgan spent 16 percent of its total expenses on technology in 2016, it said in its annual report. It allotted $3 billion of a total $9.5 billion in spending to “new initiatives,” $600 million of which it used for fintech partnerships and improving digital and mobile services. It’s Finicity’s second deal with a bank too; in April it signed a deal with Wells Fargo, which wants to establish itself as the leader of the anti-screen-scraping movement. Wells formed a deal with Intuit in February and with Xero a year ago. Banks and other industry players are having many conversations about whether there should be more standardization where data sharing and exchanging is concerned and what those standards might be, Wexler said, adding that Chase has been in talks with "all major aggregators" and will continue having those conversations. Finicity is slightly different from the other data aggregators in that allows its partners, Wells Fargo and Chase, to move data to the third-party fintech apps that work with it (like Mvelopes, Lendio, Drop and PocketGuard); whereas Intuit and Xero use banks' customer information for their own financial applications. JPMorgan was swooping up fintech partners -- Zelle, Roostify, OnDeck Capital, TrueCar, Symphony -- long before the industry as a whole began embracing collaboration and declaring 2017 the year of bank-fintech partnerships. “Under this arrangement, customers can choose whatever they would like to share and opting to turn these selections on or off  as they see fit,” Dimon said of the Intuit agreement in the annual letter. “We are hoping this sets a new standard for data-sharing relationships.”

0 comments on “How JPMorgan is pushing back against fraud in fintech”

Data

As tides shift against screen scraping, complications abound for smaller FIs

  • Screen scraping is experiencing increased scrutiny from regulators and competition from API-based solutions. The practice may finally be on its way out.
  • But what would an API-based data sharing environment look like? How will the transition away screen scraping occur and would it be fair to all institutions?
Rabab Ahsan | June 09, 2023
Banking, Data

Behind Finastra’s integration of Plaid to simplify the banking experience for end users

  • Finastra recently integrated Plaid into its Fusion Digital Banking platform, enabling banks and credit unions to deliver a simplified banking experience – account verification and authorization – to their end customers through Plaid Link. 
  • Combined with Plaid's API, FIs using Fusion Digital Banking can incorporate credential-less integrations and easier user interactions. 
Sara Khairi | May 08, 2023
Data, Lending

How Pagaya uses alternative solutions to decision on credit, enabling more financial inclusion

  • Pagaya combines alternative solutions powered by AI with traditional credit reporting databases.
  • The firm analyzes hundreds of data points to generate tailored recommendations that allow its partners to make credit decisions for borrowers that may not meet a particular FICO cutoff.
Sara Khairi | April 20, 2023
Data, Sponsored

How marginal improvements in data strategy can yield tremendous results

  • The truth is brutal: data is hard, and most people don’t understand it.
  • Here's how marginal improvements to a company's data strategy can have a profound impact.
Quantalytix | December 14, 2022
Data, Podcasts, Sponsored

‘Earned wage access is the next evolution in improving day-to-day liquidity’: Argyle’s Matthew Gomes

  • Director of strategy at Argyle, Matt Gomes, joins us on the Tearsheet Podcast.
  • Listen in to our conversation about how payroll and employment data API platforms enable financial institutions to bring the next generation of financial products to consumers.
Argyle | September 22, 2022
More Articles