JPMorgan Chase, the largest US bank and the sixth-largest in the world, will reportedly be enforcing stricter security policies and measures by preventing third-party Fintech applications from gaining access to user passwords.
The current method of data sharing offers (with permission) several external Fintech apps access to clients’ bank accounts. However, concerns have been raised regarding the potential dangers of allowing third-party apps to access customers’ private login information. JPMorgan has not announced a specific date by which it will ban third-party Fintech apps, but noted that it intends to use a token-based system that will give third parties or external apps access to “a narrow range of data in a secure form.”
JPMorgan’s move has come three years after CEO Jamie Dimon cautioned bank customers about the system that’s presently being used. Dimon had pointed out that many people don’t realize the level of access they provide when agreeing with various privacy terms and conditions from third-parties.
Dimon mentioned in a shareholder letter in 2016: “Many third parties sell or trade information in a way customers may not understand, and the third parties, quite often, are doing it for their own economic benefit — not for the customers.” The current Open Banking movement, one embraced by the UK, enables consumers to control their information – not a financial institution. Individuals’ data may not be shared with any other entity without the explicit consent of the user – a move that blocks financial services firms from selling user info.
In statements shared with the Financial Times, Bill Wallace, JPMorgan Chase’s head of digital projects, noted that the institution was currently looking to issue tokens for access to customer information and would only share a limited amount of user data. The bank says it also wants to get users’ passwords “out of the system.”
At present, the system is used by aggregator Yodlee in its interactions with JPMorgan Chase. Wallace says that switching to tokens will not discourage customers from trying out new platforms, and it also won’t prevent external apps from offering services to them.