The app was quickly becoming a cult favorite among penny-pinching U.S. consumers — and also a bane for their banks.
In just over a year, Paul Kesserwani's startup Cushion has helped users win refunds on almost $1 million in fees by logging into their accounts and disputing charges with an artificial-intelligence chatbot, named Fee Fighter.
So Kesserwani was wary when one of the largest U.S. lenders called late last year, seeking a list of his IP addresses. The bank said it wanted to ensure Cushion's computers wouldn't be flagged as suspicious. Weeks after he handed over some of the information, it called again, warning it might block Cushion's servers from accessing customer data. But Kesserwani wasn't willing to quit.
"A bank with millions of customers can't police the internet," said Kesserwani, who did not want the bank named because of concern it may exacerbate the situation.
Long-simmering tensions between the financial industry and Silicon Valley startups are erupting behind-the-scenes into a battle over the reams of valuable data held inside Americans' bank accounts. In recent months, major banks including JPMorgan Chase & Co. and Capital One Financial Corp. have led the industry into a fresh campaign to control how outsiders tap into sensitive customer information.
Executives at a number of Silicon Valley ventures say they've been threatened by banks with being blacklisted if they don't agree to strict new terms. They claim consumers are being constrained in using their own data to better manage their money.
The fight has implications for thousands of so-called fintech startups aiming to disrupt parts of the traditional financial world. Many rely on access to users' bank records.
Financial firms have long warned that some apps may collect more data than they need, store it insecurely or sell it to third parties. "We advise all of our customers not to share their credentials," said Imran Haider, a Wells Fargo executive.
Consumer advocates laud apps that help people save money, manage budgets and avoid unfair fees. But those focused on privacy still tend to side with the banks.
"Any entity that is using screen scraping should be talking to the big financial institutions and coming up with a more secure way, because it's increasingly untenable to not have an API," said Lauren Saunders, associate director of the National Consumer Law Center.
Surane writes for Bloomberg.