* It's suggested is that Visa will 'fix' the security concerns that Plaid introduces (the use of username & password collection), but it seems unclear how Visa would be able to change the fundamentals of the Plaid<->bank interactions?
* It's also theorized that European banks will prefer to use Plaid rather than a privately recommended solution (not referenced in the article) to achieve EU open banking compliance. Do Plaid have strong relationships with EU banks at present, and would it not be more likely that Plaid would implement against the existing EU open banking APIs (single implementation, no lobbying) than that Plaid would implement their own alternative (requiring per-institution implementation, and also lobbying to ensure their approach is accepted both by banks and EU regulators)?
But does that then imply that users authenticate with their bank via Visa (i.e. Visa becoming an identity provider -- not totally unimaginable given their association with customer-issued cards)? Or instead that banks would implicitly offer this data to Plaid/Visa under their card issuance ToS, without user authentication required?
(I'm not really asking for answers, I don't think we can really know at this point. It just leads to questions like this and I'm curious)
But ya, I bet they're going to push hard on "provide us openid connect" in future contract negotiations to solve the security problem.