No more Tesla Lease autopay via online banking

[stopcrazypp]

Anyone who is afraid of this is naive in the assumption that they had any privacy in the first place. This is about emotional and psychological results, not actual privacy or security.

Did you really think you would be the first victim of the Plaid conspiracy to do something other to earn profit?

It's not the Plaid "conspiracy" or "privacy" that's the issue, it's that they require your bank credentials, which means they (or if someone hacks them) can move money in and out of your bank at will (as well as perform anything your online banking allows). And they know those credentials in a plaintext matter (it may be transmitted to them via an encrypted connection, but in the end they have plaintext access to it, given they have to enter it into your bank system in the same way). It's better that they have since switched to OAuth for some banks, but for banks that they don't have OAuth for yet, it should be pretty obvious why it's a bad idea.

 

[Plood]

It's not the Plaid "conspiracy" or "privacy" that's the issue, it's that they require your bank credentials, which means they (or if someone hacks them) can move money in and out of your bank at will (as well as perform anything your online banking allows). And they know those credentials in a plaintext matter (it may be transmitted to them via an encrypted connection, but in the end they have plaintext access to it, given they have to enter it into your bank system in the same way). It's better that they have since switched to OAuth for some banks, but for banks that they don't have OAuth for yet, it should be pretty obvious why it's a bad idea.

You prove my point that this is psychological. If it had ever actually happened you'd be telling me about it, right?

 

[stopcrazypp]

You prove my point that this is psychological. If it had ever actually happened you'd be telling me about it, right?

Poor security is poor security, you don't wait until something bad happens to complain about it, especially given any breaches may not be announced. OAuth exists for a reason, and it's simply extremely uncommon for a third party to ask for your bank credentials directly, especially for transactions where it's completely unnecessary (given ACH is allowed anyways).

 

[valaeyron]

Poor security is poor security, you don't wait until something bad happens to complain about it, especially given any breaches may not be announced. OAuth exists for a reason, and it's simply extremely uncommon for a third party to ask for your bank credentials directly, especially for transactions where it's completely unnecessary (given ACH is allowed anyways).

So complain to your bank… just because Plaid offers a sub-par solution for your bank because your bank is behind the times…is not a good reason to torch them. They don’t have your bank login if you never gave it to them in the first place. That’s even more secure

…and, btw, ACH mistakes do happen, and yes this means all your money can be taken too.