Hacker News new | past | comments | ask | show | jobs | submit login

Which is how 2FA is supposed to work. Perhaps they try to keep the session from timing out, but that is bound to break.

The solution is regulation to force Banks to provide customer data over an API to an authorized third party (preferably with 2FA on that too, and other security mechanisms, like mutual auth, auditing the security and probity of the subscriber etc).

Scraping is such a 1990s solution, and Plaid's Uber-like disregard for rules made it a non-starter for anyone sensible.

Ironically, while it might get systematic integration with VISA, the privacy implications are far worse.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact