Security of account aggregators flawed
Most account aggregators are offering a flawed product while they remain in the middle of the relationship between clients and service providers, according to eWise.com.au chief executive Alex Grinberg.
Grinberg says the placement of third parties in the process, who hold password information and collect the data for the clients, is a security flaw which can be exploited by those outside the relationship.
"If there is unauthorized access to the third party account aggregator from outside there is access to all the data of any clients held by the aggregator," Grinberg says.
eWise.com.au is also an account aggregator but Grinberg says the it does not hold any data on behalf of clients but rather, works as a conduit for information with all details held offsite.
"Anyone breaking into the eWise.com.au system will not find any useful data as there is nothing there in terms of user passwords or financial data. All account information needed to access account data is held on each client's own computer," Grinberg says.
These details are encrypted on the user's computer and are not seen by eWise.com.au at all, nor does it need access to them to provide service according to Grinberg.
Grinberg says account aggregation also breaches the terms of services of many financial institutions which prohibit the handing over of account information to a third party. As a result of this liability issues may arise with some banks actively seeking to bar account aggregation.
Other features of the eWise.com.au service include a bill scheduling, reminder and payment services as well as the ability to perform transactions with the customers' nominated institutions.
The service the only one to provide access to National Australia Bank and St George Bank accounts and is rebadged and in use by a number of third parties. Grinberg says discussions are under way with at least a dozen other financial services groups and online providers to further roll out the service.
AUTHOR
Jason Spits
Recommended for you
Insignia Financial has returned to profit in FY25, after a $185 million loss in the previous year, while its advice division grew their revenue per adviser by 14 per cent.
With licensee switching on the rise, particularly for newer advisers, compliance expert Sean Graham has shared red flags to watch out for when making the jump between AFSLs.
Beyond their investment benefits, over a third of advisers say utilising managed accounts solutions has allowed them to take on more clients, according to Praemium.
Insignia Financial’s wrap platform has appointed Heidi Press, former HUB24 head of product management, to spearhead the design and delivery of the MLC Expand platform.
