Oaken - is Flinks to be trusted?? | Page 2 | Oaken Financial | Discussion forum

There have been a lot of concerns expressed in these forums about Flinks and Plaid and possible security issues that could arise from their use.

However, I do not recall anyone reporting any actual security breach. Am I wrong?

Wrayzor said
I'm one who has expressed concern. To my knowledge (and aided by Mr. Google), no security breaches have been publicly reported.

Plaid did settle a class action lawsuit in the US for violating users' privacy by scraping and selling their data. Not exactly confidence building behaviour.  

I'm OK with Flinks because the use of your login credentials is simply for the the initial linkage setup so, one can change that password once the link is established.

Plaid with "permanent" login credentials retention is not something I would want to enable.

Ok with using FLINKS? Here is what you need to know - taken from their "Privacy Statement".....talk about a misnomer!

Types of Personal Information We Process
Flinks processes three types of personal information when it provides its services to its clients:

Information you provide. When you connect your financial account(s), you will provide your login information required by your financial institution to access your account. Typically, this consists of a username and password, but it could also include answers to challenge questions (e.g., a family member's name or maiden name, street you grew up on), or a security token (e.g., multi-factor authentication code or one-time pad (OTP)). Information you provide may also consist of digital copies of bank statements, cheques, or other financial documents where you are sharing these types of documents through Flinks Connectivity with one of our clients.

Information obtained from your financial institution. When Flinks connects to your financial account for the purposes of our clients' services, we retrieve information from such financial institution that maintains the account(s). The information we retrieve may vary depending on:

The information required by our client in order to power their service; and
The information made available by your financial institution.
Information from your payroll or paystub provider. In addition to the ability to connect to your financial institution through our Connectivity Service, Flinks also has the ability to connect to your payroll or paystub provider. This allows Flinks to provide its clients with an up-to-date picture of your sources of income in addition to what is available from your financial institution.

Regardless of the types of information our clients require, the types of information we collect from your financial institutions will include, without limitation:

Account information (e.g., financial institution name, account name, account type, and account and routing number);
Information about an account balance (e.g., current and available balance);
Information about credit accounts, (e.g., statement due dates and balances owed, payment amounts and dates, transaction history, and interest);
Information about loan accounts (e.g., including due dates, balances, payment amounts and dates, interest, loan type, payment plan, and term);
Information about the account owner(s) (e.g., name, email address, phone number, and address information); and
Information about account transactions (e.g., amount, date, type, and a description of the transaction).

Information from your devices. Our technology is integrated into our clients' applications. Thus, when you use one of your devices to connect with a client service, we may receive information about this device, including without limitation the IP address, hardware model, operating system, and other technical information about the device. We may also use cookies or similar tracking technologies to collect usage statistics and to help us improve our services.