👋 Dear hackers, hello and welcome to the Account Aggregator (AA) HackBible. This is your definitive guide to the AA Hackathon. All the context, background information, resources, events, and links can be found here. The main forums for discussion will be the official Slack and **Telegram** channels.
Before diving into this HackBible, we would like to thank our sponsors. Thank you Sequoia Capital, Yodlee Finsoft, Perfios AA, Lendingkart, and Onemoney. This hackathon would not be possible without you.
What are AAs? Why are they important? Why is this hackathon being organized?
In January 2020, Visa announced that it would be acquiring a fintech startup called Plaid for $5bn. Plaid is the leading financial data aggregator in the world - this means that they help fintech startups and developers get access to users’ financial data.
In America, if you try to use a neobank such as Chime or a wealth management service such as Wealthfront, you will be asked to link your financial accounts by providing your netbanking login and password. A data aggregator like Plaid will take those login credentials and use them to access your bank account; from there, Plaid will scrape your transactions, account balance, and other details off the HTML of your bank webpage. This data will then be provided to Chime or Wealthfront and be shown to the user on the front-end.
This is the core of what Plaid does: they use screen scraping (and a similar technique called reverse engineering of mobile APIs) to get users’ financial data out of their banks, asset managers, and other financial custodians. They then give this data to app developers who have a need to plug users’ finances into their apps.
While this may seem primitive and broken, this is the bedrock of the global fintech industry. It is very hard to offer customers good service without using live and up-to-date financial data. And the easiest ways to get this data are scraping and reverse engineering. There are some other methods to get data - such as parsing SMS/email, uploading PDFs, doing OCR on scanned statements, and sharing physical statements - but these techniques all have their own inefficiencies, costs, security issues, and friction.
The best way to get a customer’s financial data would be via a direct API to the bank or asset manager. Unfortunately, these APIs didn’t really exist in the real world, until now. In many countries, regulators are adopting a new concept known as ‘open banking’. This concept states that the data inside a user’s bank account belongs to the user, and that the bank must offer a direct API to port data outside that account in a secure, consented, and machine-readable manner.
That is exactly what the AA framework is - it is a legal framework promoted by RBI, SEBI, PFRDA, and IRDAI which encourages financial institutions (FIs) to give users great control over their own data. Using the AA framework, users can create accounts with specially regulated AA companies. Users can link their AA accounts with their financial accounts; when the time comes to share some financial data, users can simply go to their AA app of choice and give consent to share the data. The AA is then able to take this consent, share it with the bank or FI holding their data, and ensure that the data is securely shared with the end recipient as per the explicit wishes of the user.
As simple as it may sound, this is a revolution in financial data sharing. Using AAs, users can safely link multiple accounts and port their financial data without friction and loss of privacy. As an added bonus, this AA-enabled data flow is also cheaper than using alternate means like scraping or SMS parsing: for one thing, the UX flow is easier and more secure, so there is less drop-off in the user funnel. Furthermore, the data in the AA framework is properly encoded according to standardized schemas, so the costs of extracting, cleaning, and transforming data are much lower compared to HTML scraping, OCR, or parsing through emails.