Portability Part 5: Making Your App Portable


Starting in the 1980s and 1990s, if you were lucky enough to be able to afford a desktop computer, it vastly improved your access to information and gave you capabilities that you never would have had without it. When the computer became accessible to the common person in a portable form (aka a laptop) in the early 2000s, it made all those capabilities available virtually anywhere a person went. Computers were good; laptops were better.

We can apply that same concept to data.  Data is good. When companies collect data, they can then analyze it so that they can make decisions that enable them to reach more people with their products or services, to remain relevant, to increase customer satisfaction and loyalty, to drive sales, and to grow. Data that’s accessible by one company is good. Data that’s accessible by and can be shared between multiple companies, however, is even better. Portable data opens up a whole new realm of possibilities for businesses and consumers alike. 

As we’ve discussed in our previous four blog posts in this series, data portability involves two main ideas: 1) a person being able to access, in a way they can understand, their personal data being collected by different companies, and 2) a person also being able to transmit their personal data from its source to another recipient. For a fuller explanation of data portability and an argument for why portability is relevant for all people, you can access part 1 here. In part 2 of the series, we focused on ways data portability specifically applies to users and developers. Then in part 3 we introduced the concepts of security compliance and argued that true portability can be done only via secure methods. In part 4 we did a deeper dive on modern legislation that speaks to portability. In this final article of the series, we’ll be speaking directly to entrepreneurs and developers who are building an app that requires the portability of financial data. We’ll cover how to actually implement portability capabilities into what you’re developing and offer some advice on how to choose a portability platform so that you can get started with portability as soon as possible. 

A Developer’s Checklist for Portability

If you’re building an app that will require users’ financial data, here are some crucial things to consider and include in your development:

1. Consumer Consent

First of all, consumers must have the choice of opting in to portability or not. This means you must integrate a consumer consent process into your app where you clearly state that your app will access the user’s financial data, if they give permission. Without their consent, you won’t be able to access their information. 

2. Terms of Use / Privacy Policy

Next, you will need to provide the users opting in or consenting to porting their financial data to your app the specific terms that you’ll be using to access and use their information. These terms should include an explicit privacy policy that states who will have access to users’ information through the portability process. Your privacy policy should directly reflect the security compliance structure you have chosen for your app. 

3. Data Disclosure

In your app you will also need to disclose the specific personal data you’ll be accessing (after the consumer has opted in) and for what purpose you’re accessing it. This disclosure is essentially a promise to the consumer that you will only access the data you’ve agreed to and only use it for the reasons you’ve disclosed. Everything else is contractually off-limits. 

4. Access Disclosure

Finally, it will be necessary to state all additional parties who will have access to users’ personal financial data, mainly the platform that you’ve selected to conduct the portability process between users’ financial institutions and your app.
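One way to enforce the four checklist items in code, as an added example that is not from the original post or from any platform's SDK: a deny-by-default gate that checks each data request against the stored consent record. The names (Consent, authorize, release, CURRENT_TERMS) and the sample values are hypothetical, and re-prompting when the terms version changes is an assumption.

```python
from dataclasses import dataclass

class ConsentError(PermissionError):
    """A data request falls outside what the user agreed to."""

@dataclass(frozen=True)
class Consent:
    opted_in: bool         # item 1: explicit opt-in
    terms_version: str     # item 2: terms / privacy policy the user accepted
    fields: frozenset      # item 3: data the app disclosed it will access
    purposes: frozenset    # item 3: purposes it disclosed
    parties: frozenset     # item 4: every party disclosed as having access

CURRENT_TERMS = "v3"  # constructed value

def authorize(consent, fields, purpose, party):
    """Deny by default; return the allowed field set or raise ConsentError."""
    if consent is None or not consent.opted_in:
        raise ConsentError("user has not opted in")
    if consent.terms_version != CURRENT_TERMS:
        # Assumption: changed terms require fresh consent.
        raise ConsentError("consent was given under older terms")
    if purpose not in consent.purposes:
        raise ConsentError(f"undisclosed purpose: {purpose}")
    if party not in consent.parties:
        raise ConsentError(f"undisclosed party: {party}")
    extra = set(fields) - consent.fields
    if extra:
        raise ConsentError(f"undisclosed fields: {sorted(extra)}")
    return frozenset(fields)

def release(record, allowed):
    """Drop anything in a fetched record beyond the authorized fields."""
    return {k: v for k, v in record.items() if k in allowed}

# Constructed sample consent and platform response.
SAMPLE = Consent(True, "v3",
                 frozenset({"balance", "transactions"}),
                 frozenset({"budgeting"}),
                 frozenset({"portability_platform"}))
RAW = {"balance": 1200, "transactions": [], "ssn": "000-00-0000"}

def denied(**request):
    """Return the refusal reason for a request, or None if it is allowed."""
    try:
        authorize(SAMPLE, **request)
    except ConsentError as err:
        return str(err)
    return None
```

Calling release on every response matters as much as the gate itself: a platform may return more than was asked for, and only the disclosed fields should reach the rest of the app.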

Choosing a Portability Platform

As we discussed in part 4 of the series, legislation across the globe is increasingly requiring portability capabilities for businesses and applications, according to specific and agreed-upon guidelines. In order to meet these requirements, most apps will need to work with a third-party entity to actually bridge the gap between the app (themselves) and the financial data they need to function. Portability platforms exist for that reason – to conduct the portability between apps and financial institutions. Here are three things to look for when choosing a portability platform for your app:

  • Security + privacy

Not all platforms follow the same guidelines and procedures for keeping data secure as it is ported from one place to another. Platforms can be structured to pass several different types of audits, like SOC 2 Type 2, which is one of the most rigorous. You should also consider what type of cloud infrastructure the platform uses, such as AWS or GCP. Additionally, consider the platform’s views on the principle of least privilege, which is the idea that if a subject doesn’t need to access something in order to complete its task, then it shouldn’t have the right to access it. You can also look into a platform’s user access review to see how secure they’ve kept the information they’ve accessed. Finally, you can also ask about a platform’s audit logs and trails to see how they’ve kept up with changing requirements and structures. 

  • Partnerships with financial institutions

You want to work with a portability platform that has the broadest coverage possible so that your app is relevant to as many people as possible, no matter what banking or financial services they use. The more diverse the coverage a platform has across banks, credit bureaus, payment processors, etc., the better results your app will have.

  • Cost + time

Also keep in mind the cost and time of using different platforms. Will you pay per account or per user, or some other way? How long will it take for you to gain access to the data you need after the user has given consent? Both of these things can be the difference between your app making it, or not.

Portability with Pentadata

Since our start in 2018, Pentadata’s approach to accessing and porting data has been to value honesty, transparency, and security above everything else. We’re the first financial data platform in North America that can access essentially all bank accounts and credit cards in a reliably secure way. Instead of using screen scraping methods like other platforms, we use encrypted, consumer-permissioned APIs to access data from leading banks, payment processors, payment networks, and data platforms. We always require consumers’ permission before their data is used; we encourage developers to access multiple data sources to protect consumers; we build analytical tools to provide insight needed to provide meaningful offers; and we require that consumer data never be stored so that it’s not vulnerable to being accessed by the wrong people. At Pentadata we believe that technological advancements don’t have to come at the cost of consumers’ privacy or data security. We always adhere to stringent technical standards and best practices aligned with the twelve major North American financial institutions.

Following all of these guidelines doesn’t slow us down, however. While most portability platforms can give you access to financial data within a week of it being requested and permissioned, Pentadata can grant access typically within 24 hours of consent being given by the user so you can be up and running in no time. With all these things in mind, Pentadata is an excellent platform to integrate into your app. 

If you’re ready to explore how working with Pentadata as your portability platform could benefit your app, you can contact us to request API keys and try it out today. 

This post is the final installment of a 5-part series on data portability. You can read Part 1 here, Part 2 here, Part 3 here, and Part 4 here.