Your Security and Fintech Apps
Third-party (non-TD) financial technology (fintech) apps and data aggregators often store and access your digital bank account username, password and account information to provide services that may help you manage your money, invest, borrow and send money. Find out how these apps use your data and what you can do to help protect yourself.
Get informed: fintechs and data aggregators
We know how much you value safety, security and transparency when it comes to the use of your data. That’s why we want you to understand how the financial products and services offered by fintechs and data aggregators work, what they do with your data and how you can protect yourself. We believe in supporting customer choice, but we also want you to have the right information to make an informed decision.
- What you need to know
- How to protect yourself
- FAQs
How fintech apps access your info
First, they get your login credentials
Many fintech apps use data from a financial institution, like TD, where you have accounts. As part of the app sign-up process, fintechs—or the data aggregators they use to collect your information—may present a login screen for you to enter your banking credentials. While many of these app login screens may look like your banking login screen, it's important to know that's often not the case.
Next, they store your login credentials
Once you give them your credentials, fintech apps and data aggregators may store them on their servers. This means that the safety of your bank credentials is now reliant on their security systems.
Then, they have access to your information
When the fintech app or data aggregator wants your banking information, they may use your credentials to access and retrieve (screen-scrape) your account information. Certain information TD has about you—including balances, account numbers, profile information and account statements—could be retrieved by the fintech app provider.
Your responsibility when using fintech apps
Understand your responsibilities—as well as the risks—before sharing your sensitive and confidential financial information with third parties.
When using a fintech app, you may be providing your confidential TD username and password directly to third parties over whom TD has no control. Please be aware that the sharing of your TD credentials is contrary to the terms of our agreements, and TD will not be responsible for any harm that results from the sharing of your credentials.
Questions to ask before using a fintech app
- What type of data does the aggregator (or the company used by the data aggregator) collect when accessing my bank account?
- What security practices are in place to protect my data?
- Who is responsible for any security/data breaches or unauthorized charges that may occur, and will they be able to reimburse me for losses?
Info to look for when you're signing up
- Familiarize yourself with how collected data will be stored and for how long before consenting
- Understand how you can revoke consent
- Learn how your data will be used and if your data is being sold to, or shared, with additional parties
How to monitor your fintech app
- Monitor your accounts and transactions regularly for any suspicious activity that you did not initiate or authorize
- Opt in to receive account and security alerts via text or e-mail on all your TD bank, investment and credit card accounts
- If you stop using a fintech app or services, change your TD password and disallow the connection by logging in to the fintech provider and changing the connection settings before you delete the app
Interested in learning more?
Important Disclosures
† By clicking on this link you are leaving The Toronto-Dominion Bank's ("TD Bank") website and entering a third-party website over which TD Bank has no control.
Neither TD Bank, nor its subsidiaries or affiliates, are responsible for the content of third-party sites hyper-linked from this page, nor do they guarantee or endorse the information, recommendations, products or services offered on third-party sites.
Third-party sites may have different privacy and security policies than TD Bank. You should review the privacy and security policies of any third-party website before you provide personal or confidential information.