#Yodlee Account Aggregation
Explore tagged Tumblr posts
Text
There are differences between UPI and Account Aggregator
Imagine having a central platform to look up your financial assets information for all of your account savings, fixed deposit and investment plans and pension savings, insurance premiums and more, all at the same time. There is no need to log and downloading financial information from different platforms, simple access, and a single view of your financial situation,
Because of the Bank Account Aggregator framework this framework is no longer restricted to the realms of imagination
The idea for Account Aggregator was conceived through the Reserve Bank of India to make it easier to access and share of financial information. In simpler terms, it acts as a "data bridge" between different participants in the financial industry.
The Account Aggregator framework is changing the method by which financial data is distributed. According to experts, it is likely to be a replica of the enormous UPI's success. UPI.
There is plenty of common ground among UPI as well as Account Aggregator it's important to understand what the distinction is since these differing concepts solve distinct issues.
This blog is designed to assist you to understand the differences between Account Aggregator and UPI.
What exactly is UPI and what are the problems UPI address?
Unified Payment Interface (UPI) is a mobile-based electronic payments system that allows you to transfer funds from bank accounts using a your mobile phones.
One of the most important benefits that comes with UPI payment is that it allows immediate real-time transactions without disclosing the bank's details. This creates a safe swift, simple and easy payment method. You don't have for carrying cash debit card or credit card. This makes it easier to make transactions while on the move.
The benefits of UPI isn't limited to transferring money between accounts. Through UPI the ability to seamlessly pay for your utilities or recharge your mobile phone. You can also perform quick and secure transactions via e-commerce platforms and pay for insurance premiums make investments in mutual funds as well as facilitate transactions using barcodes. There are numerous possibilities and this makes UPI an incredibly flexible and well-loved payment option for a wide range of applications.
What is Account Aggregator? how does it help solve problems?
Account Aggregator was created through the Reserve Bank of India (RBI) in order to make it easier for information exchange across Financial Information Providers (FIPs) as well as Financial Information Users (FIUs) with the consent of the customer.
Account Aggregator lets you easily access and examine the financial data from various sources like account balances, stocks and tax information, insurance policies specific to investments and many more in one screen. This comprehensive view of financial assets makes it easier to manage of financial assets and allows better-informed decision making.
Account aggregation also allows the secure exchange of financial data with financial institutions. This makes it simpler to join and transact with, as well as combine a variety of financial services. Use cases for Account Aggregator are vast ranging from getting loan or collaborating with wealth management professionals to organize and improve investment portfolios, and detecting potential fraud risks and reducing risk
The difference between UPI and Account Aggregator are stark.
Integration with financial institutions from other countries
UPI is a quick payment method that allows money transfers between two accounts. This means that its infrastructure is only connected to banks. However Account Aggregator provides an even greater scope since its use and impact can be extended to all financial institutions as well as all four regulatory bodies.
The focus area
Both UPI as well as Account Aggregator are both digital public infrastructures, this is the point where simjlarity ceases.. UPI is primarily concerned with the 'transfer of funds', whereas Account Aggregator is specifically focused on the transfer of financial information'.
The UPI infrastructure connects only to banks. AA connects every financial institution, including Banks as well as NBFCs, insurance companies, broking businesses, CRAs and more which makes it much more broad in terms of application and scope.
Authority to govern
National Payments Corporation of India (NPCI) is a not-for-profit organization established through the Government of India regulates UPI transactions. It also sets the standards and guidelines that govern how the system is used. NPCI assures the security as well as security for UPI transactions in addition to promoting the expansion and use of electronic payments across India. In contrast, Account Aggregator is an authorized by the RBI, and is expected to conform to various rules and rules which the RBI established to encourage responsible and fair behavior. Regulations of the RBI ensure the privacy and security of the customers is protected, and ensure that banks are committed to ethical lending policies. Sahamati additionally plays an important function in strengthening and promoting the ecosystem of Account Aggregators. Sahamati is an alliance of industry that functions as a self-organized organization in order to help facilitate coordination between all the players of the Account Aggregator community. The alliance establishes the fundamental rules and an ethical code to the entire community.
#Sahamati Account Aggregator#Account Aggregator Rbi#Account Aggregation Apps#Account Aggregator Nbfc#Rbi Account Aggregator#Account Aggregation Service#Account Aggregator Vendors#Yodlee Account Aggregation#Financial Account Aggregators#Mint Account Aggregation#Plaid Account Aggregation#Nbfc Account Aggregators#Best Account Aggregation App#Bank Account Aggregator App#Tink Account Aggregation
1 note
¡
View note
Link
Visa Wants to Buy Plaid, and With It, Transaction Data for Millions of People Visa, the credit card network, is trying to buy financial technology company Plaid for $5.3 billion. The merger is bad for a number of reasons. First and foremost, it would allow a giant company with a controlling market share and a history of anticompetitive practices to snap up its fast-growing competition in the market for payment apps. But Plaid is more than a potential disruptor, itâs also sitting on a massive amount of financial data acquired through questionable means. By buying Plaid, Visa is buying all of its data. And Plaidâs usersâeven those protected by Californiaâs new privacy lawâcanât do anything about it. Since mergers and acquisitions often fall outside the purview of privacy laws, only a pointed intervention by government authorities can stop the sale. Thankfully, this month, the US Department of Justice filed a lawsuit to do just that. This merger is about more than just competition in the financial technology (fintech) space; itâs about the exploitation of sensitive data from hundreds of millions of people. Courts should stop the merger to protect both competition and privacy. Visa's Monopolistic Hedge The Department of Justice lawsuit outlines a very simple motive for the acquisition. Visa, it says, already controls around 70% of the digital debit card payment market, from which it earned approximately $2 billion last year. (Mastercard, at 25% market share, is Visaâs only significant competitor.) Thanks to network effects with merchants and consumers, plus exclusivity clauses in its agreements with banks, Visa is comfortably insulated from threats by traditional competitors. But apps like Venmo have startedâjust barelyâto eat away at the digital transaction market. And Plaid sits at the center of that new wave, providing the infrastructure that Venmo and hundreds of other apps use to send money around the world. According to the DoJ, a Visa executive predicted that Plaid would undercut its debit card processing business eventually, and that buying Plaid would be an âinsurance policyâ to protect Visaâs dominant market share. The lawsuit alleges that Plaid already had plans to leverage its relationships with banks and consumers to launch a new debit service. Seen through this lens, the acquisition is a simple preemptive strike against an emerging threat in one of Visaâs core markets. Challenging the purchase of a smaller company by a giant one, under the theory that the purchase eliminates future competition rather than creating a monopoly in the short term, is a strong step for the DoJ, and one we hope to see repeated in technology markets. But usersâ interest in the Visa-Plaid merger should extend beyond fears of market concentration. Both companies are deeply involved in the collection and monetization of personal data. And as the DoJâs lawsuit underscores, âAcquiring Plaid would also give Visa access to Plaidâs enormous trove of consumer data, including real-time sensitive information about merchants and Visaâs rivals.â Plaid, Yodlee, and the sorry state of fintech privacy Plaid is whatâs known as a âdata aggregatorâ in the fintech space. It provides the infrastructure that connects banks to financial apps like Venmo and Coinbase, and its customers are usually apps that need programmatic access to a bank account. It works like this: first, an app developer installs code from Plaid. When a user downloads the app, Plaid asks the user for their bank credentials, then logs in on their behalf. Plaid then has access to all the information the bank would normally share with the user, including balances, assets, transaction history, and debt. It collects data from the bank and passes it along to the app developer. From then on, the app can use Plaidâs services to initiate electronic transfers to and from the bank account, or to collect new information about the userâs activity. In a shadowy industry, Plaid has tried to cultivate a reputation as the âtrustworthyâ data aggregator. Envestnet/Yodlee, a direct competitor, has long sold consumer behavior data to marketers and hedge funds. The company claims the data are âanonymous,â but reporters have discovered that thatâs not always the case. And Finicity, another financial data aggregator, uses its access to moonlight as a credit reporting agency. A glance at data broker listings shows a thriving marketplace for individually-identified transactions data, with dozens of sellers and untold numbers of buyers. But Plaid is adamant that it doesnât sell or monetize user data beyond its core business proposition. Until recently, Plaid has often been mentioned alongside Yodlee in order to contrast the two companiesâ approaches, when itâs been mentioned at all. Now, in the wake of the Visa announcement, two new lawsuits (Cottle et al v. Plaid Inc and Evans v. Plaid Inc) claim that Plaid has exploited users all along. Chief among the accusations is that Plaidâs interface misleads users into sharing their bank passwords with the company, a practice that plaintiffs allege runs afoul of Californiaâs anti-phishing law. The lawsuits also claim that Plaid collected much more data than was necessary, deceived users about what it was doing, and made money by selling that data back to the apps which used it. EFF is not involved in either lawsuit against Visa/Plaid, nor are we taking any position on the validity of the legal claims. Weâre not privy to any information that hasnât been reported publicly. But many of the facts presented by the lawsuits are relatively straightforward, and can be verified with Plaidâs own documentation. For example, at the time of writing, https://plaid.com/demo/ still hosts example sign-in flow with Plaid. Plaid does not dispute that it collects usersâ real bank credentials in order to log in on their behalf. You can see for yourself what that looks like: the interface puts the bankâs logo front and center, and looks for all the world like a secure OAuth page. Try to think about whether, seeing this for the first time, youâd really understand whoâs getting what information. Whoâs getting your credentials? Not just Citi. Many users might not realize the scope of the data that Plaid receives. Plaidâs Transactions API gives both Plaid and app developers access to a userâs entire transaction and balance history, including a geolocation and category for each purchase made. Plaidâs other APIs grant access to usersâ liabilities, including credit card debt and student loans; their investments, including individual stocks and bonds; and identity information, including name, address, email, and phone number. A screenshot from Plaidâs demo. What, exactly, does âlinkâ mean? For some products, Plaidâs demo will throw up a dialog box asking users to âAllowâ the app to access certain kinds of data. (It doesnât explain that Plaid will have access as well.) When we tested it, access to the âtransactions,â âauth,â âidentity,â and âinvestmentsâ products didnât trigger any prompts beyond the default âX uses Plaid to link to your bankâ screen. Itâs unclear how users are supposed to know what information an app will actually get, much less what theyâll do with it. And once a user enters their password, the data starts flowing. Users can view the data theyâre sharing through Plaid, and revoke access, after creating an account at my.plaid.com. This tool, which was apparently introduced in mid-2018 (after GDPR went into effect in Europe), is usefulâfor users who know where to look. But nothing in the standard âsign in with Plaidâ flow directs users to the tool, or even lets them know it exists. On the whole, itâs clear that Plaid was using questionable design practices to ânudgeâ people into sharing sensitive information. Whatâs in it for Visa? Whatever Plaid has been doing with its data until now, things are about to change. Plaid is a hot fintech startup, but Visa thinks it can squeeze more out of Plaid than the company is making on its own. Visa is paying approximately 50 times Plaidâs annual revenue to acquire the companyâa âvery steepâ sum by traditional metrics. A huge part of Plaidâs
0 notes
Photo
New Post has been published on https://cryptonewsuniverse.com/bitcoin-poised-to-benefit-from-new-us-stimulus-proposal-if-senate-approves/
Bitcoin Poised to Benefit from New US Stimulus Proposal If Senate Approves
Bitcoin Poised to Benefit from New U.S. Stimulus Proposal If Senate Approves
 Americans who have been buying Bitcoin with their U.S. stimulus package may now buy more once the Senate approves the new bill.Bitcoin could benefit from the new U.S. stimulus proposal,
which will include a new round of $1,200 checks. Already, the Senate has rejected a âskinnyâ stimulus bill as it does not support individual checks.According to a report by Cointelegraph, the Senate will most likely sign a bill that includes direct payments by the end of September. If they approve the bill without the inclusion of direct payments, stocks and Bitcoin may be affected.
Benefits of the U.S. New Stimulus Proposal for Bitcoin
Since there are no restrictions on how Americans can spend the stimulus package, some used the previous payment to invest in stocks and crypto. In May, software and data aggregation company Envestnet Yodlee revealed that many Americans invested in stocks with their stimulus checks. Yodlee president
Bill Parsons said:
âThereâs clearly a correlation between COVID and people being reengaged with their money.â
Similarly, Americans have also used their checks to purchase cryptocurrency. In addition, the CEO of Coinbase Brian Armstrong posted a tweet that corroborates the investment in crypto. According to the tweet, the percentage of deposits worth $1,200 recently jumped over four times. The surge in deposits coincides with the amount of the stimulus check, which suggests that source of the money. On approval of new stimulus payments, the general crypto market may rise as deposits increase. Before now, the Republican Party revealed details on the second round of the stimulus plan. The second round will still maintain the $1,200 payment checks for individuals and $2,400 for each couple. However, the $500 per child stimulus will now be given to dependents above the age of 17. In late-March, U.S. President Donald Trump signed a one-time stimulus package of up to $1,200 for eligible Americans. The first batch of payment was directly paid into the accounts of eligible citizens.
Senate Rejects Stimulus without $1,200 Checks
For a while now, there have been discussions between the Democrats and Republicans over the next COVID-19 stimulus. The Senate has now failed to approve a new coronavirus stimulus bill. All Democrats and Rand Paul, who is a Republican, opposed it in a 52-47 vote. For approval, the bill needed a total of 60 votes. Over the last few months, banks have been unable to handle the high demand for stimulus. On the 15th of April, banks in the U.S. experienced mass outages on their online platforms. This happened because many Americans repeatedly checked their accounts for stimulus payouts. The banks that were affected include U.S. Bank (NYSE: USB), PNC (NYSE: PNC) and Fifth Third Bank (NASDAQ: FITB). Economists believe the U.S. government should go ahead with another round of direct payments. âDirect checks are the most effective, the fastest way to support American families. In the last six months, we received one $1,200 payment, which is not enough,â said Natalie Foster, the co-chair of the Economic Security Project, speaking with CNBC.
Article Produced By Tolu Ajiboye
Tolu is a cryptocurrency and blockchain enthusiast based in Lagos. He likes to demystify crypto stories to the bare basics so that anyone anywhere can understand without too much background knowledge. When he's not neck-deep in crypto stories, Tolu enjoys music, loves to sing and is an avid movie lover.
https://www.coinspeaker.com/bitcoin-benefit-us-stimulus-proposal/
0 notes
Text
Newton Mail founder returns with launch of personal net worth tracker, Kubera
Serial entrepreneur Rohit Nadhani, who last sold his Newton email app to Essential in 2018â an app so popular itâs been saved from shutting down multiple times â is today launching a new startup, Kubera. The service aims to offer an alternative to using a spreadsheet to keep track of your assets, investments, cryptocurrencies, debts, insurance, and other important documents that would need to be transferred to a loved one in the event of your death.
The founder was inspired to create Kubera â a reference to the Indian âlord of wealthâ â due to a traumatic personal experience. While swimming in Costa Rica, he was caught in a riptide and had to be rescued. After coming home, the first thing he did was to start putting together a list of all his assets to share with his wife in the event of his death.
The task was fairly difficult, as it turned out, as that list now included more than just real estate, stocks and bonds, retirement accounts, and insurance.
Nadhani realized he also wanted to list other assets like crypto investments, collectibles, precious metals, private and foreign investments, trademarks and other digital assets, as well as debts owed him â like loans he had made to family and friends.
Plus, he wanted a few more features that a simple spreadsheet could provide â like the ability to automatically update the value of the assets, similar to Intuitâs Mint, and basic reporting. More importantly, he didnât want to share access to his personal net worth data and accounts unless it was absolutely necessary.
Existing solutions didnât meet Nadhaniâs needs, he said, as they used outdated technology, lacked the features he wanted, or used usersâ data to make budgeting or investment recommendations. That, along with feedback from friends who said they were also stuck using spreadsheets for this task, prompted the founder to create his own solution with Kubera.
To do so, he reached out to former colleague Manoj Marathayil, the founding engineer at Nadhaniâs two prior companies, CloudMagic (Newton) and Webyog, which exited to IDERA in 2018. Also joining Kubera is the former Head of Product & Design from Newton Mail at CloudMagic, Umesh Gopinath.
Kubera is launching today as a custom-built solution for the task of listing your assets, both traditional and non-traditional alike.
To use the service, you begin by listing your assets in a simple table, then add details like cost, value, or the documents associated with them, if available. You can either opt to update the values in the table as you go, or you can connect assets to your online accounts to update their value automatically.
 The service uses trusted financial data aggregation services like Plaid and Yodlee to make the connections, which means it has âread-onlyâ access to your financial data â Kubera cannot make transactions on your behalf. This also allows it to support connections to over 10,000 banks across the world.
The service also uses the open standard AES-256 encryption algorithm to encrypt user data, requires HTTPS on all web pages, uses HSTS to require browsers use only secure connections, and supports 2-step verification through Google Sign-in with other 2-step options launching soon.
The companyâs business model is a subscription service, which allows it to generate revenue without having to share data with a third-party or advertiser. The basic service is free to use if you donât want to automatically update your asset values. If you do, itâs $10 per month.
Once the initial entry has been done, Kubera will periodically remind you to update asset values and check in. Its âlife beatâ check will track if youâve been inactive for a certain number of days (specified by you during setup) and try to reach you.
If you donât respond to Kuberaâs attempts to reach you, it will then try to reach your beneficiary by way of email and text, if provided. The service sends an email with all the information youâve provided in a downloadable format to your beneficiary. If they donât respond after several reminders, Kubera will then reach out to your backup contact, a âTrusted Angel.â
Kubera to some extent competes with services like Mint, YNAB and other online budgeting tools. But these services donât offer the same extensive net worth tracking and have a different focus. It also competes with financial advisor and wealth management companies, like Personal Capital. But instead of pushing you to connect with a financial advisor or other paid services, Kubera isnât doling out investing advice.
Further down the road, Kubera may expand into estate planning â like helping with wills or trusts, or connecting you to partners who can provide these services. But for the time being, the service is meant to be used in conjunction with usersâ existing wills and trusts.
The bootstrapped startup is a five-person team. At launch, Kubera is offering 100-day free trials, allowing you the time to organize assets before making a decision on subscribing to the service.
youtube
0 notes
Text
The Risk of Weak Online Banking Passwords
The Risk of Weak Online Banking Passwords
If you bank online and choose weak or re-used passwords, thereâs a decent chance your account could be pilfered by cyberthieves â even if your bank offers multi-factor authentication as part of its login process. This story is about how crooks increasingly are abusing third-party financial aggregation services like Mint, Plaid, Yodlee, YNAB and others to surveil and drain consumer accounts online.
View On WordPress
0 notes
Text
Yodlee Hiring For Associate Software Engineer Position: B.Tech/BE/MCA Eligible To Apply
Yodlee Hiring For Associate Software Engineer Position: B.Tech/BE/MCA Eligible To Apply
Yodlee Hiring For Associate Software Engineer Position: Yodlee is an American software company that develops an account aggregation service that allows users to see their credit card, bank, investment, email, travel reward aYodlee Hiring For Associate Software Engineer Positionccounts, etc. on one screen.
Job Profile: Associate Software Engineer
Work Location: Bangalore, India
Degree Needed:âŚ
View On WordPress
0 notes
Text
Original Post from Krebs on Security Author: BrianKrebs
Banking industry giant NCR Corp. [NYSE: NCR] late last month took the unusual step of temporarily blocking third-party financial data aggregators Mint and QuicBooks Online from accessing Digital Insight, an online banking platform used by hundreds of financial institutions. That ban, which came in response to a series of bank account takeovers in which cybercriminals used aggregation sites to surveil and drain consumer accounts, has since been rescinded. But the incident raises fresh questions about the proper role of digital banking platforms in fighting password abuse.
Part of a communication NCR sent Oct. 25 to banks on its Digital Insight online banking platform.
On Oct. 29, KrebsOnSecurity heard from a chief security officer at a U.S.-based credit union and Digital Insight customer who said his institution just had several dozen customer accounts hacked over the previous week. The source, who asked to remain anonymous, said the unauthorized activity came from accounts at both Mint and QuickBooks â services that let consumers aggregate account and transaction data from multiple financial institutions.
My banking source said the attackers appeared to automate the unauthorized logins, which took place over a week in several distinct 12-hour periods in which a new account was accessed every five to ten minutes.
Most concerning, the source said, was that in many cases the aggregator service did not pass through prompts sent by the credit unionâs site for multi-factor authentication, meaning the attackers could access customer accounts with nothing more than a username and password.
âThe weird part is sometimes the attackers are getting the multi-factor challenge, and sometimes they arenât,â said the source, who added that he suspected a breach at Mint and/QuickBooks because NCR had just blocked the two companies from accessing bank Web sites on its platform.
In a statement provided to KrebsOnSecurity, NCR said that on Friday, Oct. 25, NCR notified Digital Insight customers âthat the aggregation capabilities of certain third-party product were being temporarily suspended.â
âThe notification was sent while we investigated a report involving a single user and a third-party product that aggregates bank data,â reads their statement, which was sent to customers on Oct. 29. After confirming that the incident was contained, NCR restored connectivity that is used for account aggregation. As criminals deploy more sophisticated methods and tools to access online information, NCR continues to evaluate and proactively defend against these activities.â
What were these sophisticated methods? NCR wouldnât say, but it seems clear the hacked accounts are tied to customers re-using their online banking passwords at other sites that got hacked.
As I noted earlier this year in The Risk of Weak Online Banking Passwords, if you bank online and choose weak or re-used passwords, thereâs a decent chance your account could be pilfered by cyberthieves â even if your bank offers multi-factor authentication as part of its login process.
Crooks are constantly probing bank Web sites for customer accounts protected by weak or recycled passwords. Most often, the attacker will use lists of email addresses and passwords stolen en masse from hacked sites and then try those same credentials to see if they permit online access to accounts at a range of banks.
A screenshot of a password-checking tool that can be used to target Chase Bank customers who re-use passwords. There are tools like this one for just about every other major U.S. bank.
From there, thieves can take the list of successful logins and feed them into apps that rely on application programming interfaces (API)s from one of several personal financial data aggregators, including Mint, Plaid, QuickBooks,  Plaid, Yodlee, and YNAB.
A number of banks that do offer customers multi-factor authentication â such as a one-time code sent via text message or an app â have chosen to allow these aggregators the ability to view balances and recent transactions without requiring that the aggregator service supply that second factor.
If the thieves are able to access a bank account via an aggregator service or API, they can view the customerâs balance(s) and decide which customers are worthy of further targeting.
But beyond targeting customers for outright account takeovers, the data available via financial aggregators enables a far more insidious type of fraud:Â The ability to link the targetâs bank account(s) to other accounts that the attackers control.
Thatâs because PayPal, Zelle, and a number of other pure-play online financial institutions allow customers to link accounts by verifying the value of microdeposits. For example, if you wish to be able to transfer funds between PayPal and a bank account, the company will first send a couple of tiny deposits â a few cents, usually â to the account you wish to link. Only after verifying those exact amounts will the account-linking request be granted.
The temporary blocking of data aggregators by NCR brings up a point worthy of discussion by regulators: Namely, in the absence of additional security measures put in place by the aggregators, do the digital banking platform providers like NCR, Fiserv, Jack Henry, and FIS have an obligation to help block or mitigate these large-scale credential exploitation attacks?
KrebsOnSecurity would argue they do, and that the crooks who attacked the customers of my sourceâs credit union have probably already moved on to using the same attack against one of several thousand other dinky banks across the country.
Intuit Inc., which owns both Mint and QuickBooks, has not responded to requests for comment.
NCR declined to discuss specifics about how it plans to respond to similar attacks going forward.
âNCR does not make public comment on methods and tactics of malicious actors,â the company��s statement read. âAs we noted, the criminals are getting aggressive and creative in accessing tools to access online information, NCR continues to evaluate and proactively defend against these activities.â
#gallery-0-5 { margin: auto; } #gallery-0-5 .gallery-item { float: left; margin-top: 10px; text-align: center; width: 33%; } #gallery-0-5 img { border: 2px solid #cfcfcf; } #gallery-0-5 .gallery-caption { margin-left: 0; } /* see gallery_shortcode() in wp-includes/media.php */
Go to Source Author: BrianKrebs NCR Barred Mint, QuickBooks from Banking Platform During Account Takeover Storm Original Post from Krebs on Security Author: BrianKrebs Banking industry giant NCR Corp. [NYSE: NCRâŚ
0 notes
Text
New Post has been published on Payment-Providers.com
New Post has been published on https://payment-providers.com/payments-news-the-risk-of-weak-online-banking-passwords/
Payments News Âť The Risk of Weak Online Banking Passwords
âIf you bank online and choose weak or re-used passwords, thereâs a decent chance your account could be pilfered by cyberthieves â even if your bank offers multi-factor authentication as part of its login process. This story is about how crooks increasingly are abusing third-party financial aggregation services like Mint , Plaid , Yodlee , YNAB and others to surveil and drain consumer accounts online.â
Source link
0 notes
Text
The Latest In Financial Advisor #FinTech (June 2018)
Welcome to the June 2018 issue of the Latest News in Financial Advisor #FinTech â where we look at the big news, announcements, and underlying trends and developments that are emerging in the world of technology solutions for financial advisors and wealth management!
This monthâs edition kicks off with the buzz from the Envestnet Advisor Summit⌠that Envestnet is shifting from a focus on investment management, financial planning, and wealth management, towards a new category it calls âFinancial Wellnessâ. Which is not meant to be the employer-delivered-financial-education version of a Financial Wellness program, but a more holistic advisor technology platform aiming to cover all of the relevant areas of a clientâs financial health, including not only planning, investments, and insurance (protection), but also credit/debt, and budgeting/cash flow as well. Which leaves Envestnet incredibly well positioned for the ongoing shift of financial advisors from products to advice, and makes its 2015 acquisition of Yodlee look increasingly savvy as holistic financial wellness requires holistic account aggregation to power it!
From there, the latest highlights also include a number of interesting advisor technology announcements, including:
Principal Financial acquires RobustWealth as yet another old-line insurer aims to get more digitally savvy
Private equity firm Aquiline acquires a majority stake in RIAInABox as compliance software becomes an advisor tech category of its own
LearnVest shuts down its financial planning offering but may still be a success for Northwestern Mutual as its financial planning and PFM technology is integrated into the Northwestern core
AdvicePay announces the first ever âadvisor crowdfundingâ initiative, in an effort to raise $2M of new capital without taking on the conflicts of Venture Capital firms
Read the analysis about these announcements, and a discussion of more trends in advisor technology, in this monthâs column, including Vestwell partnering with payroll processor Namely to expand distribution of its small-business 401(k) offering, Vestmark launches a new Model Trading Service as the shift to centrally managed portfolios in RIAs and IBDs is leading to a new desire to outsource the implementation, and Fidelity showcases the prototype of a new âCoraâ virtual reality assistant for clients as Schwab launches two new Digital Accelerator Hubs. In addition, we highlight the rise of another new category of advisor software: Student Loan Analysis and Modeling tools, as the shift to pursue Gen X and Gen Y clients leads to a demand for new types of software to service them.
And be certain to read to the end, where we have provided an update to our popular new âFinancial Advisor FinTech Solutions Mapâ, including a number of new companies and categories!
I hope youâre continuing to find this new column on financial advisor technology to be helpful! Please share your comments at the end and let me know what you think!
*And for #AdvisorTech companies who want to submit their tech announcements for consideration in future issues, please submit to [email protected]!
Read MoreâŚ
from News About IRS And Tax https://www.kitces.com/blog/the-latest-in-financial-advisor-fintech-june-2018/?utm_source=rss&utm_medium=rss&utm_campaign=the-latest-in-financial-advisor-fintech-june-2018
0 notes
Text
The Latest In Financial Advisor #FinTech (June 2018)
Welcome to the June 2018 issue of the Latest News in Financial Advisor #FinTech â where we look at the big news, announcements, and underlying trends and developments that are emerging in the world of technology solutions for financial advisors and wealth management!
This monthâs edition kicks off with the buzz from the Envestnet Advisor Summit⌠that Envestnet is shifting from a focus on investment management, financial planning, and wealth management, towards a new category it calls âFinancial Wellnessâ. Which is not meant to be the employer-delivered-financial-education version of a Financial Wellness program, but a more holistic advisor technology platform aiming to cover all of the relevant areas of a clientâs financial health, including not only planning, investments, and insurance (protection), but also credit/debt, and budgeting/cash flow as well. Which leaves Envestnet incredibly well positioned for the ongoing shift of financial advisors from products to advice, and makes its 2015 acquisition of Yodlee look increasingly savvy as holistic financial wellness requires holistic account aggregation to power it!
From there, the latest highlights also include a number of interesting advisor technology announcements, including:
Principal Financial acquires RobustWealth as yet another old-line insurer aims to get more digitally savvy
Private equity firm Aquiline acquires a majority stake in RIAInABox as compliance software becomes an advisor tech category of its own
LearnVest shuts down its financial planning offering but may still be a success for Northwestern Mutual as its financial planning and PFM technology is integrated into the Northwestern core
AdvicePay announces the first ever âadvisor crowdfundingâ initiative, in an effort to raise $2M of new capital without taking on the conflicts of Venture Capital firms
Read the analysis about these announcements, and a discussion of more trends in advisor technology, in this monthâs column, including Vestwell partnering with payroll processor Namely to expand distribution of its small-business 401(k) offering, Vestmark launches a new Model Trading Service as the shift to centrally managed portfolios in RIAs and IBDs is leading to a new desire to outsource the implementation, and Fidelity showcases the prototype of a new âCoraâ virtual reality assistant for clients as Schwab launches two new Digital Accelerator Hubs. In addition, we highlight the rise of another new category of advisor software: Student Loan Analysis and Modeling tools, as the shift to pursue Gen X and Gen Y clients leads to a demand for new types of software to service them.
And be certain to read to the end, where we have provided an update to our popular new âFinancial Advisor FinTech Solutions Mapâ, including a number of new companies and categories!
I hope youâre continuing to find this new column on financial advisor technology to be helpful! Please share your comments at the end and let me know what you think!
*And for #AdvisorTech companies who want to submit their tech announcements for consideration in future issues, please submit to [email protected]!
Read MoreâŚ
from Updates About Loans https://www.kitces.com/blog/the-latest-in-financial-advisor-fintech-june-2018/?utm_source=rss&utm_medium=rss&utm_campaign=the-latest-in-financial-advisor-fintech-june-2018
0 notes
Text
The Latest In Financial Advisor #FinTech (June 2018)
Welcome to the June 2018 issue of the Latest News in Financial Advisor #FinTech â where we look at the big news, announcements, and underlying trends and developments that are emerging in the world of technology solutions for financial advisors and wealth management!
This monthâs edition kicks off with the buzz from the Envestnet Advisor Summit⌠that Envestnet is shifting from a focus on investment management, financial planning, and wealth management, towards a new category it calls âFinancial Wellnessâ. Which is not meant to be the employer-delivered-financial-education version of a Financial Wellness program, but a more holistic advisor technology platform aiming to cover all of the relevant areas of a clientâs financial health, including not only planning, investments, and insurance (protection), but also credit/debt, and budgeting/cash flow as well. Which leaves Envestnet incredibly well positioned for the ongoing shift of financial advisors from products to advice, and makes its 2015 acquisition of Yodlee look increasingly savvy as holistic financial wellness requires holistic account aggregation to power it!
From there, the latest highlights also include a number of interesting advisor technology announcements, including:
Principal Financial acquires RobustWealth as yet another old-line insurer aims to get more digitally savvy
Private equity firm Aquiline acquires a majority stake in RIAInABox as compliance software becomes an advisor tech category of its own
LearnVest shuts down its financial planning offering but may still be a success for Northwestern Mutual as its financial planning and PFM technology is integrated into the Northwestern core
AdvicePay announces the first ever âadvisor crowdfundingâ initiative, in an effort to raise $2M of new capital without taking on the conflicts of Venture Capital firms
Read the analysis about these announcements, and a discussion of more trends in advisor technology, in this monthâs column, including Vestwell partnering with payroll processor Namely to expand distribution of its small-business 401(k) offering, Vestmark launches a new Model Trading Service as the shift to centrally managed portfolios in RIAs and IBDs is leading to a new desire to outsource the implementation, and Fidelity showcases the prototype of a new âCoraâ virtual reality assistant for clients as Schwab launches two new Digital Accelerator Hubs. In addition, we highlight the rise of another new category of advisor software: Student Loan Analysis and Modeling tools, as the shift to pursue Gen X and Gen Y clients leads to a demand for new types of software to service them.
And be certain to read to the end, where we have provided an update to our popular new âFinancial Advisor FinTech Solutions Mapâ, including a number of new companies and categories!
I hope youâre continuing to find this new column on financial advisor technology to be helpful! Please share your comments at the end and let me know what you think!
*And for #AdvisorTech companies who want to submit their tech announcements for consideration in future issues, please submit to [email protected]!
Read MoreâŚ
from Updates About Loans https://www.kitces.com/blog/the-latest-in-financial-advisor-fintech-june-2018/?utm_source=rss&utm_medium=rss&utm_campaign=the-latest-in-financial-advisor-fintech-june-2018
0 notes
Text
The Latest In Financial Advisor #FinTech (June 2018)
Welcome to the June 2018 issue of the Latest News in Financial Advisor #FinTech â where we look at the big news, announcements, and underlying trends and developments that are emerging in the world of technology solutions for financial advisors and wealth management!
This monthâs edition kicks off with the buzz from the Envestnet Advisor Summit⌠that Envestnet is shifting from a focus on investment management, financial planning, and wealth management, towards a new category it calls âFinancial Wellnessâ. Which is not meant to be the employer-delivered-financial-education version of a Financial Wellness program, but a more holistic advisor technology platform aiming to cover all of the relevant areas of a clientâs financial health, including not only planning, investments, and insurance (protection), but also credit/debt, and budgeting/cash flow as well. Which leaves Envestnet incredibly well positioned for the ongoing shift of financial advisors from products to advice, and makes its 2015 acquisition of Yodlee look increasingly savvy as holistic financial wellness requires holistic account aggregation to power it!
From there, the latest highlights also include a number of interesting advisor technology announcements, including:
Principal Financial acquires RobustWealth as yet another old-line insurer aims to get more digitally savvy
Private equity firm Aquiline acquires a majority stake in RIAInABox as compliance software becomes an advisor tech category of its own
LearnVest shuts down its financial planning offering but may still be a success for Northwestern Mutual as its financial planning and PFM technology is integrated into the Northwestern core
AdvicePay announces the first ever âadvisor crowdfundingâ initiative, in an effort to raise $2M of new capital without taking on the conflicts of Venture Capital firms
Read the analysis about these announcements, and a discussion of more trends in advisor technology, in this monthâs column, including Vestwell partnering with payroll processor Namely to expand distribution of its small-business 401(k) offering, Vestmark launches a new Model Trading Service as the shift to centrally managed portfolios in RIAs and IBDs is leading to a new desire to outsource the implementation, and Fidelity showcases the prototype of a new âCoraâ virtual reality assistant for clients as Schwab launches two new Digital Accelerator Hubs. In addition, we highlight the rise of another new category of advisor software: Student Loan Analysis and Modeling tools, as the shift to pursue Gen X and Gen Y clients leads to a demand for new types of software to service them.
And be certain to read to the end, where we have provided an update to our popular new âFinancial Advisor FinTech Solutions Mapâ, including a number of new companies and categories!
I hope youâre continuing to find this new column on financial advisor technology to be helpful! Please share your comments at the end and let me know what you think!
*And for #AdvisorTech companies who want to submit their tech announcements for consideration in future issues, please submit to [email protected]!
Read MoreâŚ
from Updates About Loans https://www.kitces.com/blog/the-latest-in-financial-advisor-fintech-june-2018/?utm_source=rss&utm_medium=rss&utm_campaign=the-latest-in-financial-advisor-fintech-june-2018
0 notes
Text
Token and Envestnet | Yodlee Announce Strategic Open Banking Partnership
â Token, Inc., a turnkey open banking platform provider, and Envestnet | Yodlee (NYSE: ENV), a leading data aggregation and data analytics platform powering dynamic, cloud-based innovation for digital financial services, today announced a strategic partnership to combine their expertise in PSD2-compliant payments and financial data aggregation.
Tokenâs open banking operating system, TokenOSâ˘, enables banks to generate revenue from PSD2 compliant payments and simplifies access to banks for third-party service providers, via a universal API. Token OS helps reduce the cost, enhance the security and remove friction from a wide variety of payment types, including bill pay, e-commerce, B2B payments and money transfers.
The Envestnet | Yodlee Financial Data Platform enables personalized financial apps by delivering data from more than 16,000 global sources. Using consumer permission-based access to financial accounts and transaction information supported by bank-level security, the Envestnet | Yodlee Platform and its Aggregation API deliver bank, credit card, investment, loans, rewards, and other financial account data needed for personal financial wellness, lending, and wealth advisory apps and services.
By launching a synergetic partnership that empowers both companies to leverage each otherâs strengths, Token and Envestnet | Yodlee can now serve EU banks with a powerful joint proposition. Combining the universality and security of TokenOS and the depth and breadth of Envestnet | Yodleeâs Platform and API integration creates the most compelling, secure and comprehensive open banking payment and information solution available to EU banks.
Steve Kirsch, CEO and Founder of Token, commented: âWe are delighted to work with Envestnet | Yodlee to transform the future of banking. When it comes to PSD2, developers are not going to support hundreds of unique bank APIs; they will only write to one common API, maybe two. This means that banks that create their own proprietary API risk not being able to deliver the variety and freedom that customers expect in the digital age.â
âInstead, banks should support a common open banking platform â one that is easy, secure, interoperable, low cost and developer friendly. Our partnership with Envestnet | Yodlee, the market-leading API aggregator, makes Tokenâs proposition more attractive than ever for both banks and developers.â
Jason OâShaughnessy, Senior Vice President for EMEA and Australia at Envestnet | Yodlee, added: âBoth Token and Envestnet | Yodlee believe that open data access is critical to enabling innovative tools that can help consumers improve their financial lives. Our shared dedication to improving the banking end-user experience means that Token and Envestnet | Yodlee are a natural partnership, and itâs great to see Token leverage our financial data aggregation platform to deliver secure, customer-centric solutions to their clients.â
The post Token and Envestnet | Yodlee Announce Strategic Open Banking Partnership appeared first on IT SECURITY GURU.
from Token and Envestnet | Yodlee Announce Strategic Open Banking Partnership
0 notes
Text
Mint.com : Personal financial management company
New Post has been published on https://startupbharat.net/2017/08/18/mint-com-personal-financial-management-company/
Mint.com : Personal financial management company
Mint.com is a free, web-based personal financial management service for the US and Canada,��created by Aaron Patzer. Mint originally provided account aggregation through a deal with Yodlee, but has since moved to using Intuit for connecting to accounts. Mintâs primary service allows users to track bank, credit card, investment, and loan balances and transactions through a single user interface, as well as create budgets and set financial goals. In 2009, Mint was acquired by Intuit, the makers of Quicken and TurboTax.
As of 2010, Mint.com claims to connect with more than 16,000 US and Canadian financial institutions, and to support more than 17 million individual financial accounts.x As of November 2013, Mint.com claimed to have more than 10 million users. In 2016, Mint.com claimed to have over 20 million users.
Mint raised over $31M in venture capital funding from DAG Ventures, Shasta Ventures, and First Round Capital,x as well as from angel investors including Ram Shriram, an early investor in Google. The latest round of $14M was closed on August 4, 2009, and reported by CEO Aaron Patzer as preemptive. TechCrunch later pegged the valuation of Mint at $140M.
In February 2008, revenue was generated through lead generation, earned via earning referral fees from recommendations of highly personalized, targeted financial products to its users.
FOR MORE LOG ON TO :Â http://www.mint.com
0 notes
Text
Original Post from Krebs on Security Author: BrianKrebs
If you bank online and choose weak or re-used passwords, thereâs a decent chance your account could be pilfered by cyberthieves â even if your bank offers multi-factor authentication as part of its login process. This story is about how crooks increasingly are abusing third-party financial aggregation services like Mint, Plaid, Yodlee, YNAB and others to surveil and drain consumer accounts online.
Crooks are constantly probing bank Web sites for customer accounts protected by weak or recycled passwords. Most often, the attacker will use lists of email addresses and passwords stolen en masse from hacked sites and then try those same credentials to see if they permit online access to accounts at a range of banks.
A screenshot of a password-checking tool being used to target Chase Bank customers who re-use passwords from other sites. Image: Hold Security.
From there, thieves can take the list of successful logins and feed them into apps that rely on application programming interfaces (API)s from one of several personal financial data aggregators which help users track their balances, budgets and spending across multiple banks.
A number of banks that do offer customers multi-factor authentication â such as a one-time code sent via text message or an app â have chosen to allow these aggregators the ability to view balances and recent transactions without requiring that the aggregator service supply that second factor. Thatâs according to Brian Costello, vice president of data strategy at Yodlee, one of the largest financial aggregator platforms.
Costello said while some banks have implemented processes which pass through multi-factor authentication (MFA) prompts when consumers wish to link aggregation services, many have not.
âBecause we have become something of a known quantity with the banks, weâve set up turning off MFA with many of them,â Costello said. âMany of them are substituting coming from a Yodlee IP or agent as a factor because banks have historically been relying on our security posture to help them out.â
Such reconnaissance helps lay the groundwork for further attacks: If the thieves are able to access a bank account via an aggregator service or API, they can view the customerâs balance(s) and decide which customers are worthy of further targeting.
This targeting can occur in at least one of two ways. The first involves spear phishing attacks to gain access to that second authentication factor, which can be made much more convincing once the attackers have access to specific details about the customerâs account â such as recent transactions or account numbers (even partial account numbers).
The second is through an unauthorized SIM swap, a form of fraud in which scammers bribe or trick employees at mobile phone stores into seizing control of the targetâs phone number and diverting all texts and phone calls to the attackerâs mobile device.
But beyond targeting customers for outright account takeovers, the data available via financial aggregators enables a far more insidious type of fraud: The ability to link the targetâs bank account(s) to other accounts that the attackers control.
Thatâs because PayPal, Zelle, and a number of other pure-play online financial institutions allow customers to link accounts by verifying the value of microdeposits. For example, if you wish to be able to transfer funds between PayPal and a bank account, the company will first send a couple of tiny deposits â a few cents, usually â to the account you wish to link. Only after verifying those exact amounts will the account-linking request be granted.
Alex Holden is founder and chief technology officer of Hold Security, a Milwaukee-based security consultancy. Holden and his team closely monitor the cybercrime forums, and he said the company has seen a number of cybercriminals discussing how the financial aggregators are useful for targeting potential victims.
Holden said itâs not uncommon for thieves in these communities to resell access to bank account balance and transaction information to other crooks who specialize in cashing out such information.
âThe price for these details is often very cheap, just a fraction of the monetary value in the account, because theyâre not selling âfinalâ access to the account,â Holden said. âIf the account is active, hackers then can go to the next stage for 2FA phishing or social engineering, or linking the accounts with another.â
Currently, the major aggregators and/or applications that use those platforms store bank logins and interactively log in to consumer accounts to periodically sync transaction data. But most of the financial aggregator platforms are slowly shifting toward using the OAuth standard for logins, which can give banks a greater ability to enforce their own fraud detection and transaction scoring systems when aggregator systems and apps are initially linked to a bank account.
Thatâs according to Don Cardinal, managing director of the Financial Data Exchange (FDX), which is seeking to unite the financial industry around a common, interoperable, and royalty-free standard for secure consumer and business access to their financial data.
âThis is where weâre going,â Cardinal said. âThe way it works today, you the aggregator or app stores the credentials encrypted and presents them to the bank. What weâre moving to is [an account linking process] that interactively loads the bankâs Web site, you login there, and the site gives the aggregator an OAuth token. In that token granting process, all the bankâs fraud controls are then direct to the consumer.â
Alissa Knight, a senior analyst with the Aite Group, a financial and technology analyst firm, said such attacks highlight the need to get rid of passwords altogether. But until such time, she said, more consumers should take full advantage of the strongest multi-factor authentication option offered by their bank(s), and consider using a password manager, which helps users pick and remember strong and unique passwords for each Web site.
âThis is just more empirical data around the fact that passwords just need to go away,â Knight said. âFor now, all the standard precautions weâve been giving consumers for years still stand: Pick strong passwords, avoid re-using passwords, and get a password manager.â
Some of the most popular password managers include 1Password, Dashlane, LastPass and Keepass. Wired.com recently published a worthwhile writeup which breaks down each of these based on price, features and usability.
#gallery-0-5 { margin: auto; } #gallery-0-5 .gallery-item { float: left; margin-top: 10px; text-align: center; width: 33%; } #gallery-0-5 img { border: 2px solid #cfcfcf; } #gallery-0-5 .gallery-caption { margin-left: 0; } /* see gallery_shortcode() in wp-includes/media.php */
Go to Source Author: BrianKrebs The Risk of Weak Online Banking Passwords Original Post from Krebs on Security Author: BrianKrebs If you bank online and choose weak or re-used passwords, thereâs a decent chance your account could be pilfered by cyberthieves â even if your bank offers multi-factor authentication as part of its login process.
0 notes