Hacker News new | past | comments | ask | show | jobs | submit login

First question from reading through the landing page is about this part:

> Import your statements from your broker or bank.

Exactly what brokers/banks that are supported should be listed somewhere and linked here, as that's a "make or break" feature for a lot of people I bet. Not much point in replacing my homegrown "Banks CSV export -> Data processing > Import into spreadsheet" workflow unless I just replace that last step but the previous ones remain the same.




As an avid, daily Quicken user, yes, seamless integration with financial institutions is my #1 requirement. I am not willing to manually navigate a dozen banks' broken UIs to find their "download CSV" option, hope it works, download a bunch of files to my computer, and then hope that they can be imported into my application--and then repeat every day when I update.

I have in the past switched physical banks purely because their integration was either terrible or not working and I refused to go the "download CSV" route.

Unfortunately some banks are starting to drop support for applications directly connecting to them, and moving to an unacceptable model where intermediaries like Intuit's servers have to do the communication and store your credentials. This has been getting noticeably shittier in the last couple of years.

My #2 requirement (a close second) is that the application must be running on my local PC. I will never accept a cloud-based web-app or something I have to host on a VPS and access through some dinky HTML/JS UI.


Interesting perspective because my #1 requirement is that no 3rd party gets financial login credentials at all. I'm willing to do CSVs in order to not compromise on security, although the experience most certainly is bad.


A lot of brokers offer read-only logins/API keys for these cases. I still heavily agree with your general sentiment - purchasing power is among the most valuable information to businesses and advertisers.


This is a huge waste of time and not worth it. The amount of hours you spend fixing errors manually vs the small risk your info gets out I don't think is worth it.


Is it a small risk? The track record of information security with corporations is dreadful and brokerage login details are about the most expensive things one could have stolen.


Completely disagree. Weighing risk vs reward the risk is that my identity gets stolen while the reward is that I don't have to login to my accounts and enter information manually.

At some point I suspect every person on the planet will have experienced a data exposure event and the question will switch from: have you ever had your info leaked?, when was the last time your info was leaked? It's not a small risk.


The amount of work you'd have to do to correct a stolen identity is far less than the amount of work to log in to 10 accounts periodically,dump the data, format it, import it, and fix any issues


Interesting that you're this paranoid, but yet you trust banks.


There’s a massive difference between trusting banks (insured, backed by the state, etc) and trusting some random SaaS/web app you saw 10 minutes ago with access to said banks.


Oh it's "random" app, and here this time I figured we were talking about a reputable one that has PCI-DSS compliance like Quicken. My bad.

Sure, if you just trust some random Chrome extension from a random individual developer, you're absolutely setting yourself up for trouble when they hack your shit. But to wholesale dismiss all apps when there are actual legal protections in place that permit these businesses?


At least in the US, you don't have to trust a bank. You just trust the FDIC.

Also, what a glaring false dichotomy.


My point wasn’t necessarily creating a false dichotomy, since I was highlighting the inconsistency in the argument about trusting banks but dismissing reputable third-party apps on the whole. Does this person distrust consumer protections set up to allow for such tools to exist in the first place?

So to make "false dichotomy" stick, you going to need to assert that if Quicken were breached and this lead to my Schwab account being accessed by a bad actor, I actually am shit out of luck. Will you do that?


> I am not willing to manually navigate a dozen banks' broken UIs to find their "download CSV"

> My #2 requirement (a close second) is that the application must be running on my local PC. I will never accept a cloud-based web-app

You're lucky you don't live in the EU since well then you are straight out of luck since the bank APIs are only available to commercial entities thus the software generally is in the cloud and costs money.


Banks in Germany offer access to consumers via the HBCI standard. Not sure about the rest of the EU.


Banks in Germany provide it because of EU regulation.

https://www.digiteal.eu/open-banking-apis-all-you-need-to-kn...


Those regulations are about sharing via trusted third parties, not direct to users.


some similar tools offer a way to parse the PDF files provided by your bank and import it. I wish we had something similar here to do that


This sounds illegal and against what GDPR stands for.


Why is accessing your own banking data through a standard against what GDPR stands for? GDPR has a right to data portability.


I miss interpreted. I thought someone else can gain access to consumer data.



Obviously the UK is not the EU... but Starling Bank offer an API that you can use to access your personal bank account. I'm sure Monzo and other neo-banks offer similar functionality.


Open Banking predates Brexit, so lots of that stuff got carried over into the Brave New World.


Banks generally support HBCI standard (in Central/Western Europe)

Thats why using apps like Outbank, that automatically aggregate all your bank accounts data work like a charm in my experience.


Is it illegal for banks to provide private customers personal API access?


Not that I know of, but I've never seen one that does. And it's not like API access for company accounts is common - what the EU regulation requires, which is the only thing most babks support now, is that anyone can access their own accounts through a licensed account information provider.

Under the "open banking" scheme, not even massive companies can get API access to their own accounts. It only requires banks to give service providers access that allows their customers to essentially OAuth login into those services with their bank accounts. There is no "I just want my own account" API, only the general one.

And becoming a licensed provider is insanely hard because it's assumed you'll be actively managing millions of euros for tens of thousands of customers, when in reality, all you want is read-only access to one or a few affiliated accounts.


I use one that has public API, fio.cz in Czechia. There are surely others...


I don't think it is illegal at all. Banks just don't want to offer such features.


> […] and store your credentials.

And doing so violates the terms of service with many banks:

> You agree that you will not authorize a third party to use the Service or share your credentials with a third party to use the Service on your behalf except in legally authorized situations such as legal guardianship or pursuant to a power of attorney.

* https://www.bankofamerica.com/online-banking/service-agreeme...


I stopped using services like Coinbase that force you into Plaid. My final straw was getting a notification that I had to relink my accounts because I had changed my bank's password.

The banks are just as to blame. I'd love some basic non-SMS 2FA as a starting point, but sadly my bank is only the #6 largest in the US so they don't have the budget for it.


Oddly, BofA actually has mechanisms in place to allow non-credential sharing access to external services. Try linking a paypal account and you'll get a prompt from a Bank of America system that allows paypal to access all your banking details.


I’m sure that legalese is there for the event that you link a third party service and it empties your account.


You’re a member of a dozen banks!?!


You have dozens of banks?


is there a zapier for integrations that could be used


# Bank of America (BofA)

BofA Login https://www.bankofamerica.com/

1. Log in to your account.

2. Go to "Activity" or "Statements".

3. Select the account and time range.

4. Click "Download" and choose "CSV". Yes

--

# Chase Chase Login

1. Log in to your Chase account.

2. Navigate to "Statements & Documents".

3. Choose the account and statement period.

4. Click "Download" and select "CSV". Yes

--

# Wells Fargo Wells Fargo Login

1. Log in to your account.

2. Go to "Account Activity".

3. Select "Download Account Activity".

4. Choose "CSV" and specify the time period. Yes

# Citibank Citibank Login

1. Log in to your account.

2. Go to "Statements".

3. Choose the time period and format.

4. Select "Download" in "CSV". Yes

# Capital One Capital One Login

1. Log in to your account.

2. Navigate to the "Account Activity".

3. Select the time period and click "Download".

4. Choose "CSV". Yes


REP-EDIT:

You can literally just ask bot for api docs to access info - then gimme a python for such:

https://i.imgur.com/P9UgZ98.png

>>"..evaluate the docs for each API and give me the most straight-forward python to connect which prompts me for which fin inst - with a menu for inputs. define an .env with the reqs fin inst fields i'd need to add.. but use the vars in the script... define in mermaid and swim."..

https://i.imgur.com/SpsyfI5.png

https://i.imgur.com/QzmPZIg.png

--

Basically, the semantic web is near.

Hopefully soon there will be a dictionary and a thesaurus of quippets {AI-Bot-like snippets that you call like legos to walk through a Warren (rabbits hole)

==-->

"Give me a panel that [does complex output] using [random inputs] and [other relationships] and give put that as "oligarchs" and give me relevant tables for relationships between the [elements]

(I like to add in "from this .git repo" and I also like to have them do autistically-obsessive logging.)

The problem is that I have so many logging iterations I get lost...

What I NEED is an AI co-AIHDHD-Pilot -- that watches all mY iterations and birdwalking through a problem, curiosity, muse, failure, success - -and give me a Charlie Day Version of my thought process

https://i.imgur.com/4QBjOCZ.jpeg


For that very reason I tried selfhosting Actual Finance[1] but it is more of a budgeting app than a networth tracking app.

I ended up coding a small exporter[2] since I already had some stack in place that queries SimpleFI[3], which essentially allows querying balance and transaction information for most US-based banks (read only); most similar to plaid but a lot more developer-friendly afaik.

[1] https://actualbudget.com/

[2] https://github.com/eduser25/simplefin-bridge-exporter

[3] https://beta-bridge.simplefin.org/


Do you have any experience with plaid to compare it to simplefin by any chance? I started a similar project with plaid before, but haven't really gone back to it since dev accounts became a lot more limited.


I could not find a way to make or enroll as a dev in plaid; that was a while ago tho.

SimpleFIN on the other hand seems to be pretty good for dev work; plus very responsive in terms of questions and requests. Can only speak good of them.


Thanks! I don't remember the exact steps, but I remember it being a PITA to sign up for plaid. I managed to get a dev account before realizing you can't use most banks without going through a more thorough verification/approval process. To do that, you have to (I think) have a paid account.

SimpleFIN looks pretty.. simple, at least from a glance. When I get time, I'll actually give it a shot.


For now only a standard csv file is supported with these columns: Date, Symbol, Quantity, Activity Type, Unit Price, Currency, and Fee. Supported activity types: BUY SELL DIVIDEND INTEREST DEPOSIT WITHDRAWAL TRANSFER_IN TRANSFER_OUT CONVERSION_IN CONVERSION_OUT FEE TAX Example CSV format: date,symbol,quantity,activityType,unitPrice,currency,fee 2024-01-01T15:02:36.329Z,MSFT,1,DIVIDEND,57.5,USD,0 2023-12-15T15:02:36.329Z,MSFT,30,BUY,368.6046511627907,USD,0 2023-08-11T14:55:30.863Z,$CASH-USD,600.03,DEPOSIT,1,USD,0


Seems like this arrangement of columns can't properly support dividends, as 1) there is no change to the held quantity when a dividend is issued, 2) the unit price of the symbol is irrelevant, and 3) there is no column to record the actual amount received. My bank records a quantity of 0 and a dummy unit price of $1. It would be incorrect for the bank to record a non-zero quantity.


Why would that preclude supporting dividends? As you mentioned, unit price and quantity can simply be ignored for those rows.


I don't know about Wealthfolio, but the import QFX/OFX/CSV/etc. into GnuCash has ways to reconcile that with transactions you've manually recorded/edited, which can be much richer than the bank or CC knows. (GnuCash also has a way to import via network access, but I haven't tried it.)

(Example of richness: splitting am Amazon CC charge into the multiple expense accounts for the items that went into the order, and also accounting for the CC rewards and the Gift Card balance that contributed.)

I tried taking a break from GnuCash for maybe year, and going to a spreadsheet, and found: (1) it was still substantial work to maintain an accurate view of balances, and (2) I was missing a lot of information I found I needed in practice.


That's exactly my problem. Assigning the purchase of a new computer mouse to the "Expenses:ITEquipment" account? Easy if you purchased the mouse at your local computer store and used your debit card. Just define a text pattern to make any purchase from that store go to the ITEquipment account and run it against the csv from your checkings account.

Same purchase from amazon? Difficult, because you have two layers of indirection: checking account > credit card > amazon > it equipment.

Currently testing a new spreadsheet approach to deal with such scenarios, but not easy.


Isnt' why splits exist though? I've never found that to be onerous, and I did run a small business on it for a while.

Then again I'd never trust rules to do everything right anyway, so I'm reviewing at least once to reconcile.


You just need one more account. The card payment is just a transfer to an "Amazon Balance" account or something. Then the individual items are entries against that account.


That's the core question. This is 99% of the value that any such tool provides.

An open source project that had import flows for all the major banks & brokers into a well-defined unified format? Tremendous impact.

A graphing tool that only imports a standardized CSV? I can do that in my spreadsheet in minutes.


The Spreadsheet-based workflow works very well for me as well. I have a feeling a very large % of people manage their personal finances on a spreadsheet. And it's private, not cloud based, backupable, and password protected.


Ditto. Even though I'm quick to scream "that spreadsheet is an abomination, you need a database", actually, my personal finances spreadsheet is not an abomination (at least, I'd like to think it's not - and after having seen quite a few "enterprise spreadsheets" in my time, I'd like to think I'm familiar with most of the red flags these days), it's what spreadsheets were designed for. It helps me to appreciate why accountants will never ditch spreadsheets: you just can't beat their flexibility and ease-of-use.

Although I choose convenience over privacy / no-cloud, Google Sheets FTW.


An tool (maybe AI) that processes PDF statements and outputs the structured importable positions & transactions would be appealing to me. No live online link to be compromised, or at lease a simpler fetch statement PDF scrape (vs maintain scrape of broker sites).


Portfolio Performance (http://portfolio-performance.app) does just that.


The link doesn't work for me, adding 'www.' prefix fixes it: https://www.portfolio-performance.app/


We try doing that with HeyFire.co - import from a screenshot that is processed on your browser! But with a high rate of hit or miss right now.


I really feel like there should be a tool that wraps Woob[0] finance and provides something similar to Plaid, but self-hosted. There are some great finance apps that could then potentially integrate it to improve automation.

Woob does a great job of providing a good API for automating the web, and sure, not everything works, but it's a good start. Unfortunately, it seems it's not very well known still.

[0] https://woob.tech/


this sounds incredibly hard to do - plaid's moat is that it is a bunch of work to keep up to date with all these different bank UI's, plus many banks have moved to OAuth which they only provide to trusted partners - like plaid. You cant get an oauth token to your BofA account just because you have an account there


I have found https://teller.io to be really good for this. They are more affordable than Plaid too at the lower end of scale.

I have also seen some apps use https://www.simplefin.org/


I just assumed it uses Plaid.


I assume it uses no external services at all as it's supposed to be local first and "No Cloud" is basically the first thing you see when opening up the landing page.

Not to mention the second paragraph is "no more worries about SaaS services playing around with your data"


unlikely, who would pay the plaid bill here? they dont really have ala cart pricing - you have to create an account with them etc


I can provide an API key, you can use their staging API that allows a few banks for free. That's what I do with a local script I wrote, I get my banks' balances once a week.


They deprecated their staging API. The equivalent now is “limited production access”.


Ah really? That's too bad, I guess I haven't used mine in a while, but I was just about to again.


yep, it would be way too expensive


Imagine if Plaid was open source...


That's what I was wondering. It's a ton of work, but would love the auto importing / screen scraping features that Mint.com had. For a local desktop tool it even has the potential to support every possible service because they can't do IP blocking on end-users (versus the server-to-server model that Mint.com had, caused many services to IP block Mint's servers).

Unfortunately, depending on an open-source tool to do this is a double edged sword if it had these features, because we would be opening the risk of supply-chain attacks -- malicious actors getting commits into the repository code which cause the program to send your data elsewhere -- or worse, deplete accounts' funds.


> but would love the auto importing / screen scraping features that Mint.com had

I never used it, but didn't that ask you for the username/password in order to do its job? If so, I wouldn't touch it with a ten-foot pole.

> cause the program to send your data elsewhere -- or worse, deplete accounts' funds.

Again, seemingly because their shitty architecture would that even be possible.

There are modern (possibly only European?) standards nowadays that forces the banks to expose proper APIs for doing things like that. Would require a business entity to deploy to production (I think that's one of the requirements?) but otherwise wouldn't be a huge task compared to manually scraping stuff.


I suppose you mean PSD2. That is mandatory for EU banks that do payments. I don't think your stock and crypto trading services need to comply.


Some banks allow you to create separate limited read only credentials at least that can be revoked at any time. But not all of them allow this.


I used Every Dollar for budgeting for a while. It seemed mixed. Some banks used auth through the bank that would create a token for the site/app, which could be revoked through my account when the bank. Others used a 3rd party service which required the user enter their bank creds, and seemingly trust them.

I was in the market for a new bank, so I ended up coming up with my short list of banks I’d look at moving to, then went to Every Dollar to try adding accounts to see what kind of prompt I was met with. Anything that required the 3rd party to store my creds was out of the running. I ended up ending a 20+ year relationship with a bank of this. There were other things too, but this was the straw that got me to actually cut ties.

I assume Mint was similar. I used it a long time ago, probably when I was more trusting in my youth.


only if there were regulations for consumer banking having the bare minimum for application security as is for everything else banks themselves depend on.


> Unfortunately, depending on an open-source tool to do this is a double edged sword if it had these features, because we would be opening the risk of supply-chain attacks -- malicious actors getting commits into the repository code which cause the program to send your data elsewhere -- or worse, deplete accounts' funds.

This is FUD. You’re describing open-commit, which I don’t think anyone does. Open source is not more susceptible to supply chain attacks than closed source software.


it's open source... so all of them?


That's a somewhat useless statement. "I have a hello world on github. It's Open Source, so it can solve all your problems" is both true and not helpful at all.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: