In today's digital landscape, data is everything. For consumers, sharing their data represents convenience, security, and empowerment. It allows them to access the services and personalized insights into their financial habits, receive real-time alerts for unusual activity, and set and track financial goals with ease. For Chase, data sharing represents trust. We recognize that as more people rely on digital tools to manage their finances, the infrastructure that keeps data safe needs to evolve.
As innovation has shifted the landscape of digital banking, Chase has continuously partnered with data aggregators because we understand the importance of secure and robust data-sharing that supports consumer experiences. We’ve made significant direct investment in building and maintaining an industry-leading data sharing tool that safeguards our customers’ privacy while ensuring seamless access to their favorite services. It allows consumers to control what they share, with whom, and for how long.
But for nearly a decade – as we’ve heavily invested in building a Secure API, the pipes that data aggregators use to securely access customer-permissioned data – these aggregators have, in turn, built businesses off of our data infrastructure investments while charging others – fintechs, financial apps, and even other banks – to use the system that they access for free.
This free access has led to excessive data pulls by aggregators, putting consumer data at risk and undermining the security and trust we strive to maintain. In fact, monthly API calls to Chase's secure platform by aggregators have more than doubled in just the last two years to nearly 2 billion – that’s a jump of over 1 billion more calls per month.
For roughly 90% of our data pulls, there is no customer actively requesting the data, which highlights a critical issue: consumers are not fully aware of how – and how often – their data is being accessed and used. This also raises the question: why do the data middlemen need to pull this frequently? And what are they doing with this excessive amount of data?
If we want secure data practices for consumers, we need data middlemen to treat customer data – and access to that data – responsibly. Imagine a customer who downloads a budgeting app to get a better handle on their finances. After a few weeks, they stop using the app. What they may not realize is that the connection lives on – often even if they have deleted the app from their phone – and data middlemen continue to pull their banking data in the background, typically every single day, to build their products and services.
A study by The Clearinghouse shows that 78% of consumers didn’t know that data brokers regularly access personal data even when the app is closed and deleted. That's why we've decided to disincentivize overuse and push for aggregators to share the cost to maintain this security infrastructure. This will help ensure data middlemen are accessing customer data only when necessary and the data-sharing infrastructure that aggregators rely on remains secure and robust.
Now is the time for all involved in the data sharing ecosystem to treat sensitive customer banking information with the care and respect it deserves. Our customers’ trust depends on it.
