Plaid lack of privacy

13 Jul, 2023 03:22 PM

It has now been 9 months since Chase turned off their QFX portal, and the only option MoneyDance has been offering is through Plaid...

Plaid is a TERRIBLE idea and opens an unacceptable breach of privacy. To be clear, every time you use Plaid to access bank activity, this service downloads AND STORES your financial transactions. And do not think for a minute that your privacy is protected. There is zero privacy control; they can do whatever they want with your financial history. Feel like letting the world know what restaurant you go to, which doctor you visit, where you buy gas on a trip, what store you patronize? The data will be sold to companies that target you for their marketing, but it can also be subpoenaed. Plaid does not have the iron-clad industry privacy protection that a financial institution has. And it can be hacked. Their database is not secure at the level that a bank database is (e.g. PA-DSS standards, etc.).

There have already been several lawsuits against Plaid. Caveat emptor - buyer beware.

It is time for Moneydance to offer another solution that does not expose user privacy the way Plaid does.

  1. Posted by -Kevin N. on 13 Jul, 2023 04:22 PM

    Hi S2C,

    Personally, ever since Chase dropped OFX direct-connect access to my data, I kept my Chase credit card account open, but I rarely use it anymore. They still offer manual downloads in CSV, QIF & QFX formats so that's good enough for the amount that I use the card.

    It was a little bit of a hassle but I opened a new credit card account at my bank (Regions) that provides free OFX direct-connect access and some pretty generous cash-back incentives.

    Screw Chase and any other financial institution that makes my life more difficult.

    -Kevin N. (not a member of Moneydance Support)

  2. Posted by dwg on 13 Jul, 2023 10:09 PM

    With financial institutions withdrawing Direct Connect services, if folks want automatic downloads then using aggregators is really the only possible solution. Moneydance cannot become an aggregator; it does not have the resources to do so.

    Attempts were made to automate downloads via the institution's web site; however, after a considerable amount of work it was found that just continuing to develop and maintain this would be a major undertaking, probably of a scale to rival Moneydance itself, hence it proved not to be viable.

    The most private solution, short of manual data entry, is to download and import transactions manually.

  3. Support Staff: Posted by Maddy on 14 Jul, 2023 09:27 AM

    Thank you for contacting Moneydance support.

    To clarify:
    In order to link to your bank, Plaid will redirect your browser to the bank's site which authenticates you directly. Neither Plaid nor Moneydance ever sees your password or even username for that matter. The bank redirects your browser back to Plaid with a token that is used to access your accounts at that bank for some period of time.

    As soon as the access token is acquired by the Moneydance+ server, it is encrypted using the public key from your linked data file. That means that only your data file can ever decrypt that access key, and even our server cannot access it.

    We've made every effort possible to not require the Moneydance+ server at all and have all communication go between Moneydance and your bank or Moneydance and Plaid. Unfortunately, that's simply impossible, so we went with the route where the MD+ server is the smallest most basic piece that sees as little information as possible.

    So, when Moneydance downloads transactions, it has to go through the MD+ server, which authenticates your data file's public key and then basically pipes the connection through itself to Plaid, which returns your transactions (logging nothing).

    We chose Plaid specifically for their better privacy policy regarding end-user data. They do not share or distribute your data in any way according to the people we've talked to there as well as their privacy policy which you can find here:

    Finally, for further information it might be useful to refer you to our blog page about Moneydance+, Privacy, and Subscriptions.

    I hope this information is helpful. Please let us know if you have further questions or need more assistance.

    Maddy, Infinite Kind Support
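The token handling described in the post above (the bank hands back an access token, the MD+ server seals it with the data file's public key at once, and the server later authenticates the data file's key before proxying) is modelled below as an added Go example. This is not Moneydance's or Plaid's code: the use of RSA-OAEP for sealing and RSA-PSS for a signed challenge, the `DataFile`/`PlusServer` types, the function names and the token value are all assumptions made for illustration.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Hypothetical model of the flow: a per-data-file keypair, an MD+ server that
// stores only the sealed token, and a signed challenge before release.
// RSA-OAEP / RSA-PSS are assumptions, not Moneydance's actual choices.

const tokenLabel = "plaid-access-token" // OAEP label ties the ciphertext to its purpose

// DataFile stands in for the user's local data file, which holds the private key.
type DataFile struct{ priv *rsa.PrivateKey }

func NewDataFile() (*DataFile, error) {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &DataFile{priv: k}, nil
}

func (d *DataFile) PublicKey() *rsa.PublicKey { return &d.priv.PublicKey }

// SignChallenge proves possession of the private key without revealing it.
func (d *DataFile) SignChallenge(challenge []byte) ([]byte, error) {
	h := sha256.Sum256(challenge)
	return rsa.SignPSS(rand.Reader, d.priv, crypto.SHA256, h[:], nil)
}

// DecryptToken recovers the access token; only this private key can.
func (d *DataFile) DecryptToken(sealed []byte) (string, error) {
	pt, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, d.priv, sealed, []byte(tokenLabel))
	if err != nil {
		return "", err
	}
	return string(pt), nil
}

// PlusServer models the MD+ server: it holds public keys and ciphertext only.
type PlusServer struct {
	pubs   map[string]*rsa.PublicKey
	sealed map[string][]byte
}

func NewPlusServer() *PlusServer {
	return &PlusServer{pubs: map[string]*rsa.PublicKey{}, sealed: map[string][]byte{}}
}

// Register derives a user ID from the public key fingerprint and stores the key.
func (s *PlusServer) Register(pub *rsa.PublicKey) string {
	id := fmt.Sprintf("%x", sha256.Sum256(pub.N.Bytes()))[:16]
	s.pubs[id] = pub
	return id
}

// OnLinkCallback receives the access token from the link step and seals it
// immediately with the user's public key; the plaintext is not retained.
func (s *PlusServer) OnLinkCallback(userID, token string) error {
	pub, ok := s.pubs[userID]
	if !ok {
		return errors.New("unknown user")
	}
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, []byte(token), []byte(tokenLabel))
	if err != nil {
		return err
	}
	s.sealed[userID] = ct
	return nil
}

// FetchSealedToken releases the ciphertext only to a caller who can sign the
// server's challenge with the registered key (the "authenticates your data
// file's public key" step).
func (s *PlusServer) FetchSealedToken(userID string, challenge, sig []byte) ([]byte, error) {
	pub, ok := s.pubs[userID]
	if !ok {
		return nil, errors.New("unknown user")
	}
	h := sha256.Sum256(challenge)
	if err := rsa.VerifyPSS(pub, crypto.SHA256, h[:], sig, nil); err != nil {
		return nil, errors.New("challenge signature invalid")
	}
	return s.sealed[userID], nil
}

// RunFlow walks one user through link, authenticate and decrypt; it returns
// the token the client recovered and the bytes the server actually stored.
func RunFlow(token string) (string, []byte, error) {
	df, err := NewDataFile()
	if err != nil {
		return "", nil, err
	}
	srv := NewPlusServer()
	id := srv.Register(df.PublicKey())
	if err := srv.OnLinkCallback(id, token); err != nil {
		return "", nil, err
	}
	challenge := make([]byte, 32)
	if _, err := rand.Read(challenge); err != nil {
		return "", nil, err
	}
	sig, err := df.SignChallenge(challenge)
	if err != nil {
		return "", nil, err
	}
	sealed, err := srv.FetchSealedToken(id, challenge, sig)
	if err != nil {
		return "", nil, err
	}
	recovered, err := df.DecryptToken(sealed)
	return recovered, sealed, err
}

func main() {
	// Constructed token value; a real one comes from the link callback.
	tok, stored, err := RunFlow("access-sandbox-EXAMPLE-0001")
	fmt.Printf("recovered=%q stored_bytes=%d err=%v\n", tok, len(stored), err)
}
```

What this model shows is the property claimed for the token: a dump of the server's store yields only ciphertext, and a second data file's key cannot open it. It says nothing about the transaction data itself, which in the described design still passes through the MD+ server in plaintext on its way from Plaid to the client; whether that path is logged is a matter of server behaviour and auditing rather than something the token encryption guarantees.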

  4. Posted by S2C on 14 Jul, 2023 02:16 PM

    The issue is not with password security. It is much, much worse.

    Every time a user uses MoneyDance+/Plaid to download their bank activity (daily?), it gives Plaid access to *ALL* their accounts for that bank. By access I mean transaction history, balances, account numbers, etc. Plaid then passes the transaction history to MD, but also stores the data and sells it to marketing firms.

    Plaid was sued over this behavior and paid $58m in settlement. Quote: "As part of the settlement, Plaid is required to delete some of its stored data [and] minimize the data it collects going forward..." Keywords: *SOME* of its stored data and *MINIMIZE* the data it collects. It does not say delete existing data and stop collecting new data...

    In short, Plaid is a for-profit company, what is their business model? Sell account holder data. Pure and simple. Are you ready to distribute your credit card transaction history so you can be better targeted by advertisers?

    The only viable solution is for InfiniteKind to develop a browser extension that will download QFX files from financial institutions, similar to what AwardWallet does with hotels and airlines to download rewards activities. User credentials are stored locally and the financial data is downloaded straight to the user's computer. I'd be more than willing to pay a reasonable subscription fee for this, and I bet I would not be the only one.

  5. Posted by Stuart Beesley (Mr Toolbox) on 14 Jul, 2023 02:37 PM

    This is not true. It may be true in some countries, but it is not true for Plaid in the UK with Open Banking... For example, when I connect a UK bank, the bank asks which account(s) to grant access to; it's clear what info they provide. Plaid NEVER has access to my login details. Yes, it has read-only access to certain data.

    I believe in the US it may be different, as you describe.

  6. Support Staff: Posted by Maddy on 27 Jul, 2023 05:27 AM

    Generally, in order to connect your accounts, Plaid will ask you to login to your bank. For many banks, Plaid will ask for your username and password and store it on their servers in order to enable continuous access to your transactions. For an increasing number of banks, Plaid will open a browser window directly to your bank's web site where you can login. In those cases, Plaid will store a token provided by the bank and not have access to or store your username and password. In all cases, Moneydance does not have access to your username or password.

    Finally, in the link we've posted earlier in this thread about Plaid's privacy, you may find that their privacy policy addresses some of this - they say they don't share with third parties - but not the fact that they have access to end-user data in general, which is essential to how Plaid works.

    I hope this information is helpful. Please let us know if you have further questions or need more assistance.

    Maddy, Infinite Kind Support

  7. Posted by dwg on 27 Jul, 2023 05:55 AM

    Every aggregator stores the transactions on their servers; it is the way they provide later retrieval and can efficiently download information. No aggregator does on-demand data downloads with no storage. That is what Direct Connect did, and it is a service that many U.S. institutions are no longer interested in providing.

    Aggregators like Yodlee state up front that they use the data for analysis, that is part of their business model.

  8. Posted by nhamdak on 19 Sep, 2023 02:17 PM

    The first suit against Plaid was Cottle v. Plaid Inc., 20-cv-03056-DMR (N.D. Cal. Jul. 20, 2022), where the court awarded $58 million to the plaintiffs; a second was filed by TD Bank in New Jersey in May of 2020 for trademark infringement. TD Bank later settled with Plaid. In the first suit it emerged that when Plaid appeared to open a browser window "directly to your bank's web site" it was in fact spoofing the bank login websites and capturing and storing the login credentials of the user. It would then log on to the bank site itself and download all the data from that account that was available on that server. The TD suit was filed on the grounds that such spoofing was trademark infringement. In the Cottle case Plaid agreed to cease certain of its practices, but one does not know which have stopped.

  9. Posted by nhamdak on 19 Sep, 2023 04:25 PM

    If users or support staff want to look at those cases, here are some references. The "Cottle vs Plaid Inc" opinion can be found at:, the court-created settlement site is at:, and a news story about Plaid "screen-scraping" is at:
    The TD Bank description of its 2020 suit can be found at: and a Courier-Post news story about it is at:

  10. Posted by avp2 on 27 Sep, 2023 10:32 PM

    Sounds like the user's ID and PW are pretty well protected with the MD+/Plaid method, and the key question is how we know the data being passed back to us via a Plaid server and the MD+ server is secure and not being logged by Plaid or MD. I am inclined to believe MD is not logging readable data, but not so much in the case of PLAID. Maybe MD can provide a bit more detail on why they think this data is protected in the path from our banks through PLAID - for instance, is the data encrypted from bank to us, and who might have the encryption key?
