Source Code: Your daily look at what matters in tech.

fintechfintechauthorTomio GeronNoneGet access to the Protocol | Fintech newsletter, research, news alerts and events.f6ea366a38
×

Get access to Protocol

Your information will be used in accordance with our Privacy Policy

I’m already a subscriber
Protocol | Fintech

Plaid built a $13 billion business behind the scenes. Now it’s opening up.

The software startup focused on app developers early on. Now it's speaking to consumers — and regulators.

Doormat with Plaid logo on it

Plaid once spoke primarily to developers. Now it's engaging with consumers and regulators.

Image: Chris Fong/Protocol

Racing ahead of regulators and litigators, Plaid is changing how it operates.

The 8-year-old company, long content to cater to developers of fintech apps, was practically unknown before Visa launched a $5.3 billion buyout offer. That deal failed — but Plaid is now worth almost triple that as investors, grateful the startup stayed independent, pumped another $425 million into its coffers.

Its profile boosted considerably by the Visa deal, Plaid is grappling with challenges, including a class-action lawsuit filed by consumers who allege invasion of privacy and a separate though related suit by PNC Bank over trademark infringement, and pending reforms to Section 1033 of the Dodd-Frank Act governing consumer access to data that could either favor Plaid or make it harder to do business, depending on how particular rules take shape.

The issue in the two lawsuits is the way Plaid links bank accounts when a bank doesn't offer or use an API. With thousands of financial institutions in the U.S., Plaid sometimes has to present a login screen to users and scrape information from their bank's online-banking interface. The way it uses bank logos when prompting users to log in is at issue here — whether it deceives consumers and trods over banks' trademark rights in the process.

Plaid has several answers to these challenges. Of course, it's disputing the claims in lawsuits, as one would expect. But it's also moving past the business practices that left it open to such challenges by striking deals with banks and moving more and more of its transactions to permissioned environments. Three-quarters of its traffic will soon be done through APIs, Plaid says.

And it's positioning itself as a champion of consumer data access, arguing that allowing bank customers to use third parties like Plaid to connect their accounts to fintech apps encourages innovation and competition. While it doesn't see itself as a consumer company per se, Plaid sees giving consumers greater access to their own financial data as essential to its business.

The Consumer Financial Protection Bureau is considering changes to rules on financial data — particularly data shared between banks and fintech companies. This could move the U.S. closer to an open-banking system in which consumers can access and control the movement of financial data.

That change to Section 1033 of the Dodd-Frank Act has already received public comment and the CFPB is expected to come out with changes soon. (There could be delays, however, as the Senate has not yet confirmed nominee Rohit Chopra as head of the agency.) Whatever the outcome, it will have a major impact since fintech companies need to quickly and easily access consumers' financial data to make their products appealing. A lending app, for example, without a connection to a bank, might require a consumer to print out bank statements and mail them to a lender.

In the meantime, some companies are already positioning themselves for a changed regulatory environment. Plaid, one of the main fintech companies that could be affected, is assuming that changes are coming and is already making moves.

"Open finance has been a consumer-driven initiative in the U.S., not a regulatory-driven initiative," said John Pitts, policy lead at Plaid. "We view it as in our interests to do the right thing by consumers whether or not regulation is in place on the assumption that regulation will come."

Pitts, who was previously deputy assistant director for intergovernmental affairs at CFPB, previously said that Plaid would welcome being regulated as a data aggregator that helps consumers access data from a number of different financial institutions or fintechs.

"Once [1033] is secured, what are the next most important things to think about? We're already doing some of that. The other part is thinking through how to operationalize it," he said.

The company wants to make it easier for consumers to see what granular data they are sharing with a fintech or bank and why — both at the moment they click to approve a connection and in a broader data dashboard that they can access at any time to review and make changes. Plaid provides technology that can securely connect a consumer's data in a bank account and share it to fintech apps such as Chime, Venmo or SoFi. For example, when you sign up for a lending app and need to provide bank data to get a loan, Plaid will pop up a message for you to approve sharing that data to the lender.

Plaid has started providing more granular data through its Assets API product for consumers who, for example, share their data with lenders to underwrite a loan, Pitts said. Consumers can review this data before providing it to a lender.

"We're going to start expanding that to everything we do," Pitts said. "That ability to see everything in real time will become standard for everything Plaid offers."

Meanwhile, it recently launched an integration with US Bank for customers to see which apps are sharing data with the bank. Consumers can turn off an app from connecting with the bank from the Plaid Portal, which is in beta and is slated to officially launch this year, or from US Bank's page — and it will instantly update on the other site.

Plaid, which hasn't been a consumer-facing brand, has generally operated behind the scenes, but that could change with this consumer portal. "What that means is anywhere a consumer wants to exercise control on the network, it will be interoperable and all parts talk to each other," Pitts said.

Once fully launched, consumers could check Plaid's dashboard for any fintech apps or accounts that are connected, turn them off or request the deletion of data.

Plaid also just signed an API deal with Capital One, which had previously blocked Plaid, leading to complaints by Wave, a Plaid customer, among others. Plaid now has agreements with Wells Fargo and Chase and connects other banks through its Plaid Exchange.

Contrast that with the way PNC customers have to interact with Venmo, a Plaid customer. Because PNC doesn't connect with Plaid, customers have to add their bank account and routing number and wait for two sub-$1 transfers to show up in their account. That's a method that dates back to the earliest days of PayPal, now Venmo's parent — revolutionary in 2000, clunky and slow in 2021. Since Plaid doesn't connect with PNC, it can't show them on its dashboard.

PNC aside, banks have become more open to providing data recently, Pitts said — that's due to the pandemic accelerating banks' digital strategies as consumers stuck at home sought many more digital tools. Plaid has also sought to ease banks' fears by committing to having 75% of its traffic dedicated to APIs by the end of this year. "That's an important signal to the banking side of the ecosystem that we are aiming at a sustainable future for open finance that runs on tech rails," Pitts said.

This means that past practices that Plaid and other companies have used to access this data, such as native integrations or scraping it from websites — the automated copying of data from a web page — will not be necessary. Plaid and some banks have been trying to move to APIs because scraping requires giving up login information and cedes control as to which data is being accessed.

As fintechs gain more share, consumers are not just seeking to move data from their banks to fintechs. They're also looking to move data from fintechs to banks. Pitts declined to name any of its fintech customers that are sending data to banks, but there were 16 million consumers who connected a fintech to a bank in the first quarter, he said.

Protocol | Fintech

Amazon wants a crypto play. Its history in payments is not encouraging.

It missed chances to be PayPal, Square and Stripe — so is this its chance to miss being Coinbase, too?

Amazon wants to be a crypto player.

Image: NurPhoto/Getty Images

The news that Amazon was hiring a lead for a new digital currency and blockchain initiative sent the price of bitcoin soaring. But there's another way to look at the news that's less bullish on bitcoin and bearish on Amazon: 13 years after Satoshi Nakamoto's whitepaper appeared on the internet, Amazon is just discovering cryptocurrency?

That may be a bit unkind, but the truth is sometimes unkind. And the reality is that Amazon has a long history of stumbles and missed opportunities in payments, which goes back more than two decades to the company's purchase of internet payments startup Accept.com.

Keep Reading Show less
Owen Thomas

Owen Thomas is a senior editor at Protocol overseeing venture capital and financial technology coverage. He was previously business editor at the San Francisco Chronicle and before that editor-in-chief at ReadWrite, a technology news site. You're probably going to remind him that he was managing editor at Valleywag, Gawker Media's Silicon Valley gossip rag. He lives in San Francisco with his husband and Ramona the Love Terrier, whom you should follow on Instagram.

Over the last year, financial institutions have experienced unprecedented demand from their customers for exposure to cryptocurrency, and we've seen an inflow of institutional dollars driving bitcoin and other cryptocurrencies to record prices. Some banks have already launched cryptocurrency programs, but many more are evaluating the market.

That's why we've created the Crypto Maturity Model: an iterative roadmap for cryptocurrency product rollout, enabling financial institutions to evaluate market opportunities while addressing compliance requirements.

Keep Reading Show less
Caitlin Barnett, Chainanalysis
Caitlin’s legal and compliance experience encompasses both cryptocurrency and traditional finance. As Director of Regulation and Compliance at Chainalysis, she helps leading financial institutions strategize and build compliance programs in order to adopt cryptocurrencies and offer new products to their customers. In addition, Caitlin helps facilitate dialogue with regulators and the industry on key policy issues within the cryptocurrency industry.
Protocol | Enterprise

How Google Cloud plans to kill its ‘Killed By Google’ reputation

Under the new Google Enterprise APIs policy, the company is making a promise that its services will remain available and stable far into the future.

Google Cloud CEO Thomas Kurian has promised to make the company more customer-friendly.

Photo: Michael Short/Bloomberg via Getty Images 2019

Google Cloud issued a promise Monday to current and potential customers that it's safe to build a business around its core technologies, another step in its transformation from an engineering playground to a true enterprise tech vendor.

Starting Monday, Google will designate a subset of APIs across the company as Google Enterprise APIs, including APIs from Google Cloud, Google Workspace and Google Maps. APIs selected for this category — which will include "a majority" of Google Cloud APIs according to Kripa Krishnan, vice president at Google Cloud — will be subject to strict guidelines regarding any changes that could affect customer software built around those APIs.

Keep Reading Show less
Tom Krazit

Tom Krazit ( @tomkrazit) is Protocol's enterprise editor, covering cloud computing and enterprise technology out of the Pacific Northwest. He has written and edited stories about the technology industry for almost two decades for publications such as IDG, CNET, paidContent, and GeekWire, and served as executive editor of Gigaom and Structure.

Amazon job opening points to plan to accept crypto payments

The news sparked a rally in the values of bitcoin and other cryptocurrencies.

Amazon may be planning to let customers pay for orders with cryptocurrencies.

Photo: David Ryder/Getty Images

Amazon is looking to hire a digital currency and blockchain expert suggesting a plan to let customers accept cryptocurrencies as payments.

The tech giant's job opening says Amazon is looking for "an experienced product leader" to help develop the company's "digital currency and blockchain strategy and roadmap" Amazon is looking for product leader with expertise in blockchain, distributed ledger, central bank digital currencies and cryptocurrency.

Keep Reading Show less
Benjamin Pimentel

Benjamin Pimentel ( @benpimentel) covers fintech from San Francisco. He has reported on many of the biggest tech stories over the past 20 years for the San Francisco Chronicle, Dow Jones MarketWatch and Business Insider, from the dot-com crash, the rise of cloud computing, social networking and AI to the impact of the Great Recession and the COVID crisis on Silicon Valley and beyond. He can be reached at bpimentel@protocol.com or via Signal at (510)731-8429.

Protocol | Policy

Big Tech tried to redefine terrorism online. It got messy fast.

The Global Internet Forum to Counter Terrorism announced a series of narrow steps it's taking that underscore just how fraught the job of classifying terror online really is.

Erin Saltman is GIFCT's director of programming.

Photo: Paul Morigi/Flickr

A little over a month after the Jan. 6 riot, the tech industry's leading anti-terrorism alliance — a group founded by Facebook, YouTube, Microsoft and Twitter — announced it was seeking ideas for how it could expand its definition of terrorism, which had for years been more or less synonymous with Islamic terrorism. The group, called the Global Internet Forum to Counter Terrorism or GIFCT, had been considering such a shift for at least a year, but the rising threat of domestic extremism, punctuated by the Capitol uprising, made it all the more clear something needed to change.

But after months of interviewing member companies, months of considering academic proposals and months spent mulling the impact of tech platforms on this and other violent events around the world, the group's policies have barely budged. On Monday, in a 177-page report, GIFCT released the first details of its plan, and, well, a radical rethinking of online extremism it is not. Instead, the report lays out a series of narrow steps that underscore just how fraught the job of classifying terror online really is.

Keep Reading Show less
Issie Lapowsky

Issie Lapowsky ( @issielapowsky) is Protocol's chief correspondent, covering the intersection of technology, politics, and national affairs. She also oversees Protocol's fellowship program. Previously, she was a senior writer at Wired, where she covered the 2016 election and the Facebook beat in its aftermath. Prior to that, Issie worked as a staff writer for Inc. magazine, writing about small business and entrepreneurship. She has also worked as an on-air contributor for CBS News and taught a graduate-level course at New York University's Center for Publishing on how tech giants have affected publishing.

Latest Stories