April 21, 2022
Skyflow Partners with Plaid to Help Developers Build Fast and Protect Financial Data Privacy
Today we announced our new partnership with Plaid to help developers protect sensitive data and build financial data privacy into their applications.
If you develop apps that interact with financial institutions, you know that the stakes are high anytime consumers entrust you with their money and sensitive personal information. Honoring this trust is critical to the success of your business, but so is delivering innovative products and experiences to your customers. With Skyflow and Plaid’s new partnership, you can do both.
Plaid has API connectivity to over 12,000 banks and financial services across North America, the UK, and many parts of the EU. Plaid’s APIs let fintech companies like Betterment, SoFi, and Venmo interact with participating financial institutions to verify bank accounts, retrieve financial data on their customers, and more.
Protecting Sensitive PII and Financial Data
Now, you can easily use Plaid’s APIs to transact with financial institutions while also using Skyflow’s Data Privacy Vault to protect sensitive PII and financial data. Skyflow intercepts sensitive data coming from Plaid’s APIs and replaces that data with tokens, so your systems never need to handle sensitive data directly.
When you need to use sensitive data in an unencrypted form you provide the corresponding token to Skyflow. Skyflow then checks to confirm that your request meets the strict zero trust access controls configured by your security team before detokenizing and returning that sensitive data to you. And, in situations where you don’t need to decrypt sensitive data because you just need to perform validation or comparison, Skyflow can run operations on encrypted data without the need to decrypt it.
By filtering out sensitive data and replacing it with tokens, Skyflow makes it easier than ever to protect your customers’ data privacy. The following diagram shows how this works when you make an API call:
API and Schema Integration Puts Developers First
Skyflow and Plaid’s integrated solution gives developers the following benefits:
- API-level integration: Skyflow Connections now provides pre-built connections to all seven of Plaid’s products: Assets, Auth, Balance, Identity, Investments, Liabilities, and Transactions. Whether your app handles account and routing numbers and checking account balances, or pulls asset and liability reports, you can ensure data privacy, security, and compliance for sensitive data without sacrificing data usability. Connections provides API-level integration between Skyflow’s Data Privacy Vault and Plaid’s products, giving you a seamlessly integrated platform.
- Plaid vault schema template: Skyflow now includes a pre-built vault schema template for Plaid products, so you can align the data model of your Skyflow Vault with the fields used by Plaid APIs. Because this vault template is designed to support each of Plaid’s products, you can use Skyflow and Plaid together during service development without adding friction to your design work.
Get Started Quickly with Skyflow’s Plaid Template
You can try out Skyflow and Plaid together using the Plaid template that’s now included in Skyflow’s Quickstart experience. The Plaid schema template lets you quickly prototype and deliver apps that use Skyflow and any of Plaid’s seven products together, so you can build products that preserve data privacy from day one:
Example: Using Skyflow and Plaid for Bank Account Validation
One of Plaid’s popular use cases is using Plaid’s Auth API to validate a user’s bank account and return their account number and routing information. Using Skyflow, you can securely tokenize this sensitive financial data at the field level and store that data securely in your Skyflow Data Privacy Vault. Below is a side-by-side example of the API response that you’d get if you use Plaid without Skyflow, followed by an example of how this same response would look after it’s been tokenized using Skyflow.
On the left, you can see the response to a Plaid Auth API call without Skyflow, where the account, routing, and wire_routing fields are all in plain text. This sensitive financial data is directly exposed to the user-facing application and developer.
On the right, you can see the same API response with Skyflow, where the account, routing, and wire_routing fields are all tokenized – so sensitive data is replaced with random tokens while account_id and request_id are unchanged because these are Plaid identifiers. This sensitive data is stored securely within the Skyflow Vault with full redaction for most users, as shown below:
Build Fast and Protect Data Privacy
If you’re a developer looking to use Plaid to access highly sensitive financial and personal data from financial institutions while preserving customer data privacy, you can now use an integrated solution to meet both of these needs, from the day you first launch your app.