What is Plaid? And How Do Privacy and Plaid Work Together?
What is Plaid?
If you’ve used apps like Privacy, Venmo, or Acorns, you’ve likely heard of Plaid. In fact, according to Plaid, roughly 25% of US adults have used their service. So, you’ve seen it and may have already used it, but what is Plaid?
Plaid is a payments platform that enables you to securely connect your financial accounts to other apps. With Plaid acting as the intermediary, financial apps are given limited access to your bank account details and are granted only the relevant information required to carry out functions that you’ve authorized. For example, Plaid enables virtual card services like Privacy to securely and seamlessly connect funding sources to user accounts. With this connection, Privacy customers can generate instant card numbers when making purchases online.
Is Plaid Safe?
While convenience is key, the more important consideration is: is Plaid safe? Plaid was built with safety top of mind to allow financial apps that you commonly use to access your accounts on a secure, need-to-know basis. However, when allowing any third-party platforms to access your financial accounts, you should always take steps to guarantee the protection of your sensitive data.
You will need to provide your bank login credentials to Plaid so that Plaid can securely access and transmit information on your behalf to the various fintech apps you may use. But these details are generally safe with Plaid, and we’ll explain why.
This article will highlight Plaid’s privacy practices, security protocols, and a general overview of how Plaid works. We’ll also help you understand how Plaid enables Privacy users to seamlessly and safely make purchases on virtual cards.
How do Privacy and Plaid work together?
When you make a transaction with a Privacy virtual card, we debit your attached funding source. But first, we need to establish a connection to your bank account. This is where Plaid comes into play.
To create the connection to your bank account, we ask that you log in to your bank’s online portal through Plaid’s integration. Once Plaid verifies those login credentials and is able to view the bank account, Plaid securely transmits information to Privacy - such as the account and routing number - so that we can process transactions. Because of the Plaid connection, Privacy does not obtain or store your bank login information anywhere on our systems, and you can change your bank login credentials at any time without interrupting your use of Privacy Virtual Cards.
How is Plaid used for banking?
Plaid is used to integrate your bank account information directly with your favorite apps. As of January 2023, more than 7,000 financial apps have adopted Plaid’s banking API to securely access user transaction history, balances, and other essential information.
Here are a few apps using the Plaid banking API that you might be familiar with:
- Acorns - Acorns offers a variety of features to help you build and grow an investment portfolio. By connecting to your account through Plaid, Acorns enables you to invest your spare change, set up recurring investments, and more.
- Robinhood - Plaid allows Robinhood, a popular stock trading and investing app, to collect only the necessary banking information to safely transfer funds directly from your bank account when you invest.
- Cash App - Cash App is a peer-to-peer money exchange app. Plaid’s integration allows you to securely transfer money between your bank account and Cash App.
- Venmo - Venmo is another popular service for peer-to-peer transactions, and Venmo leverages Plaid to enable funds transfers.
In each case, a connection to your bank account is required for these fintech apps to fulfill their services. By logging into your Plaid Portal (which we’ll cover in the next section), you can see what data is shared with each of your apps and why.
Why do these and many other fintech apps use Plaid? For most apps, it’s not feasible to connect directly to an outside banking institution, let alone thousands. It’s difficult and expensive to establish and maintain these connections. Since Plaid has already built the proper technological infrastructure to make these connections between banks and services both seamless and compliant, thousands of financial platforms can integrate Plaid’s banking API to save resources and ensure the security of their products.
What is Plaid bank verification?
The Plaid bank verification process begins when your app sends you to Plaid to establish a connection. Plaid will then verify your credentials and securely access and transmit only the data you’ve authorized to your other app.
Connecting your bank to Plaid
During Plaid’s bank verification process, you will be redirected to your bank’s login portal and asked to enter your username and password. If applicable, you may also be required to complete your bank’s Multi-Factor Authentication (MFA) protocol. Plaid notes that some types of MFA are not compatible with their software.
In confirming the connection with Plaid, your bank may provide you with additional information about this process, highlight which data is going to be shared, and ask you to confirm that you’d like to move forward. Here’s an example of the terms and conditions you may see:
Once you’ve completed the steps on your bank’s end, your Plaid integration will be complete. If you’ve been redirected, you can navigate back to your third-party app to confirm the connection was successful.
Is Plaid safe to link to your bank?
Yes, in general using Plaid for banking is safe. Plaid follows strict security protocols to ensure sensitive data stays out of the hands of fraudsters. On top of that, for consumers, Plaid allows you to view and control exactly what data they’ve shared.
Bank balance information, account and routing numbers, transactions, and contact information are all pieces of data that Plaid may share with the institution you’ve authorized. The information required by each service may vary.
How to manage Plaid’s bank control access
Plaid Portal allows you to check the status, including specific data shared, of all your accounts that are connected to Plaid. You will need to create an account with Plaid Portal to access this information. Once you’re logged in, you can view and manage all of your Plaid connections. From here, you can choose to disconnect any of your accounts anytime without needing to access your apps.
Plaid’s security protocols
Plaid implements the following security protocols that safeguard customer data:
- Data encryption - When linking a bank account, Plaid instantly encrypts sensitive data and transmits it to the external application. Encryption is a common practice in information security that protects data from unauthorized parties by encoding it. Plaid uses a combination of Advanced Encryption Standard (AES) to protect stored data and Transport Layer Security (TLS) for data-in-transit.
- Strong authentication - Plaid uses Multi-Factor Authentication (MFA) to secure sensitive data. This form of authentication requires an additional layer of certification beyond usernames and passwords for accessing internal systems.
- Independent security testing - Plaid employs outside parties to regularly audit security protocols and conduct stress tests to tighten information security gaps.
- Robust monitoring - A key component of Plaid’s information security program is its around-the-clock monitoring system. Automated alerts and a 24/7 on-call team help Plaid deliver on this promise.
Additionally, Plaid is compliant with globally recognized security standards, ISO 27001 and ISO 27701, and participates in annual SOC 2 Type II compliance audits. These certifications demonstrate an active commitment to the protection of customer data.
How Plaid handles your data
What is customer data used for? Plaid uses customer information to: provide their services, develop new and existing services, prevent fraud or protect privacy, provide customer support, investigate misconduct, comply with legal obligations, and for other notified purposes with your consent.
Plaid open banking
Plaid relies on open banking principles to provide services to consumers and developers. Open banking allows third-parties controlled access to financial data by way of application programming interfaces or APIs.
The open banking system is designed to make it easy and safe for consumers to manage their finances online. As we touched on previously, Plaid’s banking API uses an encrypted token to communicate your data with various financial apps. You are empowered to revoke this access token from an app whenever you’d like, simply by unlinking your bank account.
Use virtual cards to secure your financial data
Whether you’ve encountered card fraud in the past or want to be proactive about safeguarding your financial data, consider using a virtual debit card or virtual credit card instead of your real card. Sometimes called “masked cards”, “anonymous cards”, or “temp cards”, virtual cards can be used in place of your actual card information while checking out with a merchant.
We recommend signing up for Privacy as your virtual card solution. With Privacy, you can create masked cards that are linked directly to your bank account through Plaid. Privacy Virtual Cards also have advanced security features like locking to the first merchant they’re used at, customizable spending limits, and a pause/close card feature to give you more control and protection over your finances.
Most importantly, Privacy adheres to all relevant industry standards regarding data security so you can feel confident knowing your personal information is secure within our systems.
Need help connecting your bank account to Privacy using Plaid? Read our step-by-step guide here.