Is Plaid safe? What it is and how it protects your financial data

When a financial app asks you to link your bank account, you may be prompted to enter your login credentials through Plaid. What do you do next? It’s natural to pause before sharing sensitive information with a name you don’t recognize, but when it comes to Plaid, we’ve found no evidence that there’s a need to worry.

Plaid acts as a secure intermediary, helping connect your bank to fintech (financial technology) apps without exposing your credentials. Read on to learn more about Plaid, including what it is, how it works, and how it keeps your financial information safer from fraudsters.

What is Plaid?

Plaid is a fintech service that helps you link your bank accounts to third-party apps that require your account details. It keeps your data secure and confidential as you share it over the web. Plaid is quite widespread, with around half of U.S. adults having used it to connect their financial accounts to an app.

Imagine you want to pay your bills online with Mint or send someone $50 via Venmo. These apps will need some important info to complete the transaction: they need to know that you have the money in your account and that you are who you say you are. Plus, they’ll need your account and routing number to seal the deal.

Plaid facilitates the transfer of this information so you don’t have to share your banking credentials with other apps directly.

If finance apps like Venmo, Robinhood, Mint, or Wise were to access your account without an intermediary like Plaid, each one would require direct access to your login credentials, increasing the number of places your sensitive data is exposed.

Plaid reduces that risk. It allows you to link your account through a single secure platform that uses strong encryption and authentication protocols. The app you're connecting to never sees or stores your credentials, which helps limit your exposure and reduce the risk of scams or data misuse.

What banks and apps use Plaid?

Over 8,000 apps and 12,000 banking institutions around the world use Plaid. Popular apps that use Plaid include Venmo, MoneyLion, Acorns, Wise, SoFi, and Robinhood. Most major banks also work with Plaid, including Bank of America, Wells Fargo, and Citi.

Is Plaid safe to use?

Yes, Plaid is generally safe to use. It employs strong encryption, multi-factor authentication, and read-only data access to protect your financial information. The company is also certified under internationally recognized data security standards such as ISO 27001 and ISO 27701.

Plaid’s entire business depends on earning and maintaining user trust. To that end, it has implemented multiple security measures to help protect your data. Here’s a look at some of Plaid’s safety measures:

• Data encryption: Advanced encryption helps prevent hackers from reading your data even if it’s intercepted.
• Tokenization: Instead of transmitting your actual login credentials, Plaid uses tokens to authorize access without exposing sensitive account details.
• Read-only access: Plaid grants apps read-only access to your financial data. This means they can view the necessary information, but can’t make changes or initiate transfers.
• Authentication: Plaid uses multi-factor authentication (MFA) and other verification processes to help prevent unauthorized users from accessing your accounts.
• Regular security audits: Plaid undergoes regular testing by independent third-party auditors who identify and address vulnerabilities.
• 24/7 fraud monitoring: The Plaid information security team watches for suspicious activity around the clock to catch and eliminate potential threats.

What about data privacy?

Like many companies operating in the financial data space, Plaid has faced questions about data privacy in the past. In 2022, Plaid was ordered to pay $58 million in a class action lawsuit related to how it communicated its data practices to users. The settlement required Plaid to delete certain user data from the internet, enhance its disclosures, and give people more control through a user-facing dashboard, the Plaid Portal.

Plaid has since taken important steps to strengthen transparency and privacy protections. Unfortunately, not all organizations are as conscientious about data security as Plaid. If a company storing your data is hit by a breach, your sensitive personal information could be exposed and sold on the dark web. That’s where Norton comes in, with its Dark Web Monitoring^§ feature.

Included with Norton 360 Deluxe, Dark Web Monitoring scans hidden corners of the internet and alerts you if your data is detected, so you can respond appropriately and minimize potential harm. Additionally, the built-in Privacy Monitor scans for your personal information on common public people search sites, and helps you make opt-out requests to reduce your online data exposure.

How does Plaid work?

Plaid is designed to act as a secure bridge between your bank and finance apps. Instead of needing to hand over sensitive banking details to each app directly, Plaid verifies your account and shares only the essential information — helping you connect your accounts with greater privacy and peace of mind.

Plaid is not a peer-to-peer (P2P) app and doesn’t handle money transfers directly. As an intermediary, it simply manages the flow of information so your apps get only the info they need and nothing more (such as your bank account login details).

This separation grants you greater privacy and security. Your bank doesn’t see what happens inside the app, and the app doesn’t get unrestricted access to your financial account. So if an app like Venmo experiences a data leak, your core banking credentials should remain safe.

Here’s how Plaid works when linking your bank account to a finance app:

1. It connects via a third-party app:  When you want to access financial services using an app like Robinhood or Venmo, you’ll be asked to link your bank account using Plaid. Usually, Plaid will have an access point within the app you’re using, so you won’t need to create a new account or download a separate Plaid app.
2. You select your bank and log in: Select your bank on Plaid. You will be prompted to log in directly to your bank.
3. Plaid verifies your account: Plaid will verify your login and account details to make sure everything matches.
4. Plaid shares limited data securely: Plaid sends the app the necessary information, like your balance or transaction history, keeping the rest of your info private. The app can’t access or store your bank login details or other sensitive info.
5. You transact securely: Now, thanks to Plaid, you can use your app to securely send and receive money, pay your bills, invest, and more.

Can Plaid see my financial data?

Yes, Plaid can see some of your financial data, such as your account balance and transaction history. It accesses this info to conduct verifications on behalf of other apps (such as Venmo). Plaid cannot see your bank login details, which are encrypted.

According to its website, Plaid can see the following information from your bank:

• Account holder information: Your full name, address, phone number, and email address, as disclosed to your financial institution.
• Account transactions: The transaction amount, date, transaction type, and description.
• Account details: Your account name, account type, account and routing numbers, and balance.

Plaid needs access to some financial data to connect your apps to your bank. For example, if you want to invest $100 on Robinhood, Plaid must be able to view your bank account balance to ensure that you do indeed have $100.

Plaid only verifies the info that apps require — and nothing else. So, if Fiverr needs your routing number to set up payments, Plaid will provide only that detail while keeping the rest of your information private.

Plaid alternatives

Plaid isn’t the only tool that apps use to integrate financial accounts. Here are some other services similar to Plaid you may encounter.

• Finicity: Finicity is owned by Mastercard and considered to be a trustworthy platform. It’s mostly used for managing loans, such as mortgages and auto loans.
• Teller: Teller is a Plaid alternative that gives app developers more control over how they interact with banks. Teller isn’t as widely used as Plaid in the US, but it’s considered to be just as safe.
• Flinks: Flinks is like Plaid for the Canadian market. It helps users across North America connect their apps to Canadian banks, as well as many financial institutions in the US.
• TrueLayer: TrueLayer is a European alternative to Plaid. It was designed to comply with European banking and data security standards.
• Yodlee: Yodlee is a pioneering financial integration platform, and it supports over 1,400 financial services and tech companies. Unlike Plaid, however, Yodlee sells consumer data to marketers.
• GoCardless: GoCardless is a financial tool built for businesses. It helps companies manage recurring payments between banks.

Typically, apps only partner with one intermediary tool, like Plaid, so you probably won’t be able to choose an alternative. If, for whatever reason, you don’t want to use Plaid, you will need to use another fintech app that has partnered with a different Plaid-like tool.

That said, some apps allow you to enter your financial info directly, bypassing Plaid or other secure options. However, this could be considered less secure, as the app will store your financial information.

Keep your accounts more secure

Plaid — and hopefully your bank — have robust security safeguards in place to protect your accounts. But they can’t stop every scam. Even trusted platforms may fail to protect you from social engineering tricks that fool you into sending money.

Norton 360 Deluxe helps protect your accounts and assets with a full arsenal of cybersecurity features. As a subscriber, you’ll get AI-powered scam detection, Dark Web Monitoring^§, a VPN, hacking protection, and a range of other essential features to keep your digital life more secure.

FAQs

Is Plaid legit?

Yes, we believe that Plaid is legit. It’s one of the most popular financial integration companies in the world; it’s trusted by over 8,000 apps and 12,000 financial services institutions in the US, UK, Canada, and Europe.

How safe is Plaid?

Plaid is reputed to be very safe. It implements a range of safety measures to protect its users’ data, including advanced encryption, multi-factor authentication, 24/7 fraud monitoring, and regular third-party security audits.

Is Plaid safe when connected to Venmo?

Yes, it should be safe to connect to Venmo through Plaid. Plaid acts as a gatekeeper between your bank and Venmo, only allowing Venmo to access the information it needs. Plaid eliminates the need for Venmo to store or manage any of your sensitive financial data. This could keep you safer from certain scams on Venmo.

Why does Plaid need my banking login credentials?

Plaid needs your banking login credentials to connect your bank account to a third-party app (such as Venmo). It also needs to verify certain financial info that the app requires, such as your account balance.

Does Plaid screen scrape?

Yes, Plaid screen scrapes to acquire financial data from your accounts and verify your information. Screen scraping is one method it uses to do this. For example, when you use an app to pay a bill, the Plaid app will log into your account and use screen scraping to verify that your account contains enough funds. If your bank offers an API integration for Plaid, Plaid can access your data without screen scraping.