Data

How JPMorgan is pushing back against fraud in fintech

  • JPMorgan wants to make it easier for customers to use fintech apps -- something JPM excelled in long before the rest of the industry embraced legacy-startup collaboration
  • JPMorgan and Wells Fargo are leading the push against screen scraping, the more common way for companies to access customer data
close

Email a Friend

How JPMorgan is pushing back against fraud in fintech

The market for consumer fintech apps may be a little saturated, but if customers want to use them, JPMorgan is going to let them — if it’s safe.

On Tuesday, the U.S. banking giant announced an API-sharing agreement with the Utah-based data aggregator Finicity, in which the bank would push customer data to Finicity through an application programming interface that would be shared with its various clients, digital lending and personal financial management apps of interest to Chase customers.

“Our customers really want to use these financial apps and they do use them a lot,” said Trish Wexler, a spokeswoman for JPMorgan Chase. “We want them to find a safe, secure and private way for them to be able to do that without having to hand over their bank password. We think using a tokenized method — instead of having an aggregator come in and screen scrape a customer’s full accounts — is a safer and more private way to do that.”

Screen scraping is the most common way for companies to access customer data. When customers log into third-party sites or apps with their bank credentials, their sensitive information gets “scraped” by the company and stored for re-use. That way, the company can log into the bank account as the customer in order to retrieve account data as necessary.

That makes any possible breach of the fintech app a breach of the bank account. Fraud is often a bigger problem for the bank than the customer; customers can usually rest assured the bank will investigate the transactions and return the funds to their accounts. But in a world where customers are sharing data carelessly and frequently in almost everything they do, they’re vulnerable to more extreme consequences of identity fraud.

It’s hard to make them care about that.

“It’s clear that when there’s a screen on a new app doing a refresh that says ‘click here to accept new terms of the agreement’ both of us would raise our hand and say yeah, I didn’t read that,” Wexler said. “It’s like leaving your keys on front door and walking away.”

This is JPMorgan’s second such agreement. At the beginning of the year, it formed a similar one with Intuit, in which it would share data on its customers that sign up for Intuit products and services — QuickBooks, TurboTax and Mint.

“For years, we have been describing the risks – to banks and customers – that arise when customers freely give away their bank passcodes to third-party services, allowing virtually unlimited access to their data,” JPMorgan CEO Jamie Dimon said in his annual letter to shareholders earlier this year. “Customers often do not know the liability this may create for them, if their passcode is misused, and, in many cases, they do not realize how their data are being used. For example, access to the data may continue for years after customers have stopped using the third-party services.”

JPMorgan spent 16 percent of its total expenses on technology in 2016, it said in its annual report. It allotted $3 billion of a total $9.5 billion in spending to “new initiatives,” $600 million of which it used for fintech partnerships and improving digital and mobile services.

It’s Finicity’s second deal with a bank too; in April it signed a deal with Wells Fargo, which wants to establish itself as the leader of the anti-screen-scraping movement. Wells formed a deal with Intuit in February and with Xero a year ago. Banks and other industry players are having many conversations about whether there should be more standardization where data sharing and exchanging is concerned and what those standards might be, Wexler said, adding that Chase has been in talks with “all major aggregators” and will continue having those conversations.

Finicity is slightly different from the other data aggregators in that allows its partners, Wells Fargo and Chase, to move data to the third-party fintech apps that work with it (like Mvelopes, Lendio, Drop and PocketGuard); whereas Intuit and Xero use banks’ customer information for their own financial applications. JPMorgan was swooping up fintech partners — Zelle, Roostify, OnDeck Capital, TrueCar, Symphony — long before the industry as a whole began embracing collaboration and declaring 2017 the year of bank-fintech partnerships.

“Under this arrangement, customers can choose whatever they would like to share and opting to turn these selections on or off  as they see fit,” Dimon said of the Intuit agreement in the annual letter. “We are hoping this sets a new standard for data-sharing relationships.”

0 comments on “How JPMorgan is pushing back against fraud in fintech”

Data, Sponsored

How we can stop using the term ‘financial inclusion’

  • Our current credit system has led to decades' worth of errors and financial exclusion.
  • But as consumers get more autonomy in their financial decision-making, lenders may have to finally change their ways.
Nova Credit | April 26, 2022
Data, Sponsored

Our credit system is broken — now how do we fix it?

  • Our current credit system has led to decades’ worth of errors and financial exclusion.
  • But as consumers get more autonomy in their financial decision making, lenders may have to finally change their ways.
Nova Credit | April 12, 2022
Data, Sponsored

How data is helping B2B fintech lenders step up to address loan application fraud

  • Alternative data leads to predictive models for fintechs -- risk modeling, fraud detection, and lead scoring.
  • In the third part of this article series, we discuss how alternative data is a solution against loan application fraud.
Explorium | April 04, 2022
Data

Unlocking the value in consumer data: Klover CEO Brian Mandelbaum on making banking free

  • Klover leverages user data to offer free financial services to its customers.
  • Instead of relying on user fees, the firm drives revenue from its partner merchants.
Subboh Jaffery | March 25, 2022
Artificial Intelligence, Data

‘This year, banks will strive to balance two opposing forces’: The state of AI in banking 2022

  • AI developments in banking have so far been restricted mostly to back-end uses. This year, there is a desire among service providers to focus on innovating more for the front-end.
  • As AI becomes smarter and banks begin holding increasingly intimate data about their customers, the industry is expected to progress slowly and responsibly.
Subboh Jaffery | January 31, 2022
More Articles