Hacker News new | past | comments | ask | show | jobs | submit login

The narrative here is internally consistent but there are a few pieces that I don't quite understand when it meets reality:

* It's suggested is that Visa will 'fix' the security concerns that Plaid introduces (the use of username & password collection), but it seems unclear how Visa would be able to change the fundamentals of the Plaid<->bank interactions?

* It's also theorized that European banks will prefer to use Plaid rather than a privately recommended solution (not referenced in the article) to achieve EU open banking compliance. Do Plaid have strong relationships with EU banks at present, and would it not be more likely that Plaid would implement against the existing EU open banking APIs (single implementation, no lobbying) than that Plaid would implement their own alternative (requiring per-institution implementation, and also lobbying to ensure their approach is accepted both by banks and EU regulators)?

On #1 I assume it’s simply the fact that Visa is big enough and stable/reliable enough that banks would be willing to do the integration to them to get the benefits instead of doing hundreds of bespoke integrations for little apps/services.

The trusted, widespread brand angle does make sense there as a reason for banks to choose to integrate with Visa, agreed.

But does that then imply that users authenticate with their bank via Visa (i.e. Visa becoming an identity provider -- not totally unimaginable given their association with customer-issued cards)? Or instead that banks would implicitly offer this data to Plaid/Visa under their card issuance ToS, without user authentication required?

(I'm not really asking for answers, I don't think we can really know at this point. It just leads to questions like this and I'm curious)

User authentication would be handled somewhere :)

But ya, I bet they're going to push hard on "provide us openid connect" in future contract negotiations to solve the security problem.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact