AdminBox does NOT screen scrape your accounts | AdminBox

AdminBox does NOT screen scrape your accounts

AdminBox does NOT screen scrape your accounts

AdminBox requires just ONE username and password from its users. 

This contrasts with competing websites and apps who require not only a username and password to access their platforms, but they also require usernames and passwords of each and every username and password of your household utility accounts, such as broadband, energy, car insurance, water and others. Once logged in, they keep your session open and scrape your data directly, by pretending to be you. This is how they automate their processes. They are effectively doing the work you have to do to log in to your account and view your bills, or other sensitive data about your household utilities. 

This 'screen scraping' method has been banned in the Banking sector as a result of PSD2 regulations and will come into effect next year. I have no doubt that this method will also be banned for utility data too. The FIDO Alliance, the world’s largest ecosystem for standards-based, interoperable authentication, has taken issue with screen-scraping, as it feels the process is unsecured. Opponents of screen-scraping agree, claiming that screen scraping opens up risk to the customer who exposes a secret bank password to use another third-party service. The data supports that the risks for fraud are mounting.

Banks are now moving to Open Banking, where secure APIs mean a user can allow a third-party read-only access to a user's bank accounts (and other accounts), through permissions. APIs in the utility and household services sector do not exist currently and are a long way away. 

AdminBox will be adopting Open Banking APIs in due course, which means our users will be able to see their bank transaction history of their household categories within their AdminBox category. For example, when viewing their energy information in AdminBox, they will be able to view a complete history of their energy payments, automatically. This method is permission based, and much more secure than the 'screen-scraping' method employed by some providers currently. 

 

  • 27 Sep 2018
  • By: Paul Chapman