I'm surprised by this. I used to work in Foster City.
The joke on the campus was that VISA stood for "Very Inconspicuous Spy Agency".
You'd think that there wouldn't be this kind of miscommunication in the chain of command.
All jokes aside, I'm very curious to check out Plaid now because I didn't pay attention when it was independent and Visa is a *very* smart organization, so Plaid must be something special.
This seems to be changing. Nacha (the organization that governs ACH) has been developing open APIs so that more organizations can get access to the ACH network without any dirty hacks. I would expect to see a rise in the number of personal finance applications over the next few years due to this fact.
The problem is that Nacha is building these APIs on top of ACH. There needs to be a universal realtime payment and account-validation network, not a file FTP'd to the Fed that's sent out three times a day.
Take a look at FedNow which is aiming to offer a 24/7/365 instant payment service for all US banks by 2023-24. (I would realistically expect 2028-30 for it to go online) This is being worked on, but everything moves at a glacial pace.
FedNow is a while away. RTP (Real-time payments) from the The Clearing House is already doing it. They have appx half the DDAs (bank accounts) in the US covered. Another year or two they will have 80-90%
Also Push to Card and VISA/MC Debit are real-time payment systems i.e. 7x24x365 where you can pull or push money to the bank account linked to the VISA/MC branded ATM card
Yes. Plaid can be used to verify banking details (many stock brokers use it for this, for example).
Plaid works by asking the user to give their banking username and password to Plaid, and then their two factor authentication token too. Plaid logs into their account behind the scenes to verify ownership.
Plaid claims to not store this info, and I assume that they don't, but it still seems like one of the biggest security anti-patterns ever. If nothing else, it's training users to ignore the "don't share your password" warnings. Do we really want users trained to be more susceptible to phishing?
Yeah in the last decade, I have many times considered building a service that would have a better interface and access to information by fetching it from all my financial institutions, but what's held me back is the lack of APIs and I never even considered collecting user credentials as a viable option because of the potential security nightmare and possible libabilities. I guess it pays to be ignorant of all that and just plow ahead. Once you get billions in VC funding, you can fend off any consequences.
> Plaid claims to not store this info, and I assume that they don't
Think of it as Plaid storing OAuth2 access tokens, sort of; and the tokens do expire (over pretty long periods), though, some bank integrations do allow them to generate their equivalent of refresh tokens.
Plaid didn't go into this blind; they know the tightrope they're walking. As someone who's worked with Plaid to build an integration into our product, I'd say they're definitely in a very gray area, but that's pretty much all of the Fintech space right now.
Although, I'd also say they're not malicious; even if it is just motivated by the fear of the bad press resulting in a customer exodus.
It is a hack around regulatory failure to mandate this functionality at finance firms (both Congress and the Fed have failed in this regard). The Fed's instant payments product (FedNow [1]) goes live in 2023, which is going to put downward pressure on Visa's debit business. The Fed only began to move on instant payments when pressured by Congress [2] (who didn't want smaller banks held hostage by Early Warning System's "Zelle" product, which is operated by a consortium of the nation's largest banks).
Europe mandated this functionality (PSD2) [3]. With instant payments and if regulations required banks to offer this functionality, Plaid's value would evaporate.
FedNow is a while away. RTP (Real-time payments) from the The Clearing House is already doing it. They have appx half the DDAs (bank accounts) in the US covered. Another year or two they will have 80-90% Also Push to Card and VISA/MC Debit are real-time payment systems i.e. 7x24x365 where you can pull or push money to the bank account linked to the VISA/MC branded ATM card
Bottom line: Fednow may be too little too late, but real-time payments are happening outside of VISA/MC
VISA/MC are aware of this. They expect "Interchange compression" i.e. reduction in revenue from Credit Card fees as users switch to other systems. However it isn't a show stopper because in parallel they have discovered (and are using ) new ways to increase interchange revenue e.g. Virtual Cards, Prepaid Cards etc.
2-3 years isn't that long in financial services. Sure, The Clearing House provides an RTP platform (and is also a financial rail for Zelle payments). Can they do it as cheap as the Fed offering FedNow as a utility similar to ACH? And to every deposit account provider in the US at a reasonable cost? Probably not. Doesn't matter how many deposit accounts you cover if someone is going to come eat your lunch because they have a Congressional mandate.
Agree on interchange compression (it's fairly obvious credit card networks are overpaid for what they offer, so of course innovation is going to bring revenue destruction), but there's no way virtual and prepaid cards are going to make up the shortfall (especially with Congress starting to lean left and progressive banking policies on the table, such as central bank pass through accounts, negating the need for prepaid cards when deposit accounts become accessible to everyone).
Long story short, finance still consumes too much of a percentage of GDP, and it's a good thing when tech comes along that pushes that drag down.
Does FedNow solve all of the problems Plaid solves? I'm thinking specifically about Plaid functionality that lets consumers expose transaction history, investments, etc.
It would appear that FedNow solves for "How do I get money into my Schwab brokerage account?" but not "How can I let Schwab do risk analysis across all my investment accounts?"
It does not, which is why I mention Europe's PSD2, which would. You don't build a startup to do this, you mandate your financial institutions to provide this functionality to users.
The joke on the campus was that VISA stood for "Very Inconspicuous Spy Agency".
You'd think that there wouldn't be this kind of miscommunication in the chain of command.
All jokes aside, I'm very curious to check out Plaid now because I didn't pay attention when it was independent and Visa is a *very* smart organization, so Plaid must be something special.