Hacker News new | past | comments | ask | show | jobs | submit login

So, pertinent question. I want to move my account to a bank which gives me an API so I don't have to deal with Plaid or Mint. I.e. I want data privacy. I want to build a personal dashboard of where my money is going.

Any suggestions?

> Any suggestions?

Lobby your lawmakers. Banks have no incentive to provide open APIs.

For example, in the UK banks did nothing until they were forced to - the market regulator now requires the nine largest banks to provide an open API (https://www.openbanking.org.uk).

Open Banking is a sham. It mandates account access for "AISPs" which need to be registered, audited, etc which is unfeasible for a solo developer especially when releasing a free/open-source product. Worse, it doesn't actually mandate your access to your own account, so that still depends on the bank. The modern banks provided APIs even before open banking so we're good, but the legacy ones still don't provide personal APIs.

It's not ideal, but I wouldn't call it a sham. Vulnerable users' banking details are highly targeted by fraudsters, and I can see the concern from lawmakers that making it mandatorily open to all via some oauth style flow (for ex) would limit the banks from controlling access to scammers.

The law doesn't restrict the banks giving access to non-AISPs and, like you say, many of the modern banks do have personal API access, it just sets a minimum bar you have to reach before they're forced to let you in. It seems like a pragmatic middle ground.

What is bad, in my eyes, is the law currently only applies to the CMA9.

If you find one let me know. That was the promise of Simple Bank when they launched. I've been with them around 7+ years now and a couple years in they quietly removed that claim from their website and support responses said they weren't working on it anymore. They are still a decent bank but API access never materialized.

In fact I randomly came across me bemoaning this fact 5 years ago lol [0]. Also at one point I wrote my own small wrapper to access parts of their internal API [1] but I haven't touched that in years so I seriously doubt it still works at all.

[0] https://news.ycombinator.com/item?id=10623628

[1] https://github.com/joshstrange/simplebank

I must say I was quite surprised when I read this comment. In Germany we have FinTS [1] with an open specification and I'm not aware of a single bank that doesn't support it. It's been around since 2002 [2] and is based on HBCI, which became available in 1998 [3].

I suspected it might be different elsewhere, but I had no idea that the situation was so dire that you had to actively go looking for a bank with an API.

[1] https://en.m.wikipedia.org/wiki/FinTS

[2] https://de.wikipedia.org/wiki/Financial_Transaction_Services (German)

[3] https://de.wikipedia.org/wiki/Homebanking_Computer_Interface (German)

FinTS does not solve the problem of (scoped) authentication and authorization at all.

It merely provides a standardized interface to access account data or initiate transactions, but it still uses a plain username/password login to authenticate.

Even that it does not do particularly well – the protocol is horrendously outdated and does not support "recent" inventions like credit cards on many popular banks, which means that banking aggregators have to fall back to screenscraping anyway.

However, this will hopefully change soon with PSD2/SCA, which does mandate such secure account access (based on OAuth2, if I understand it correctly).

I believe https://monzo.com/ is aiming for this

Developer docs: https://docs.monzo.com/

I'm not currently aware of a US bank equivalent

In theory, you could use OFX, which is an open standard that powers the "Download transaction" feature of Quicken/MS Money

In practice, banks never tell you the address of their OFX server and you have to rely on community compiled database (eg ofxhome); many banks' implementations are iffy; some banks even charge you for enabling OFX support on your account. In the end it's just so much easier to outsource this to Plaid, which is why they are a billion dollar business.

You could try Actual [1], which stores your data locally. It does however go through Plaid. Would be interesting if there was an alternative option to screenscrape your online banking portal.

[1] https://actualbudget.com/

However, it seems, that isn't even out yet:

"Bank syncing is a critical feature that is coming soon!"

You can manually import QFX/other standard formats though, but not all banks have exports of this, and it's very manual.

What about OCR'ing (or extracting from an electronic PDF) your bank statement each month and then parsing the data into your desired format? You could add tags, metadata, etc. as well.

I'm thinking of something where you download your statement (usually available in PDF form) and then drag it to a web interface where it then gets OCR'd and processed.

A bit more manual, but the upside is you're not leaking your creds and you should also have access to more data (banks have to provide statements and they usual provide them going back many years).

Every bank I use provides _some_ sort of structured data export (at the very least a csv, and in most cases a more finance-specific format (OFX, etc). I'm not talking "modern" banks here, either (Ironically, the most modern bank I use, Aspiration, only provides exports in a non-standard csv format)

Have you tried AutoEntry? Might be the solution you are looking for. https://www.autoentry.com/

Check out Mintable: https://github.com/kevinschaich/mintable

It uses Plaid out-of-the-box, but it has a pluggable provider model for other data sources: https://github.com/kevinschaich/mintable/blob/master/docs/PR...

Monzo or Starling in the UK.

In the absence of APIs from most banks, it would be nice if there was a client side personal finance web app that allowed uploading .csv or pdf statements, and scraped those for you locally, perhaps with the option of using your own Google Drive or Dropbox as a persistent storage backend beyond browser localstorage.

Just do what Plaid does and scrape it. Your bot could also download a csv file.

In the UK I'd suggest Monzo or Starling Bank.

the only way atm would be to sign up for email notifications for any transactions, and parse the emails to get relevant data

there are a few issues though:

1. some banks only send notifications for transactions that are over a certain amount (eg BofA is >$25)

2. the merchant name is arbitrarily cut-off (based on char length), so you don't really get reliable merchant info

You could parse SMS too.

Yeah, I'll second this. I figure we're talking headless browser scraping of online banking portals.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact