| ▲ | phoenixy1 5 hours ago | |
This is a common belief, but the CFPB has stated your bank is still legally required to make you whole in the event of fraud even if you handed over your username and password to a third party, and that any bank TOS stating otherwise are not valid. This is covered on the CFPB Electronic Fund Transfers FAQ, under the Error Resolution: Unauthorized EFTs, Question 8: https://www.consumerfinance.gov/compliance/compliance-resour... | ||
| ▲ | lxgr 5 hours ago | parent [-] | |
In Germany, there was a similar antitrust-based ruling, but it even went further: They disallowed banks to block screen scraping services, as they considered the existence of screen-scraping-based confirmed instant bank transfers a valuable competitor to the (bank-led) card payment schemes. In retrospect, they were maybe right on the competitive part, but the data privacy impact was disastrous. | ||