Third party aggregation sites pose a clear risk to customer security and 22seven will be blocked again, Absa says….

Even though 22seven’s ability to pull data from an Absa Internet Banking customer’s account has been restored, this is not with the bank’s permission, Absa recently told MyBroadband.

22seven is a personal financial management (PFM) service that automatically retrieves a user’s transaction information from their bank through its third-party aggregation provider, Yodlee.

Yodlee requires users to provide their full login credentials: username (which is an account number with some banks), and a password (which for some banks is a PIN and password combination). This is used to log into your Internet banking from which Yodlee gathers the transaction data on your accounts.

When Absa prevented Yodlee from accessing the Internet banking of its customers earlier this year it meant that Absa account holders weren’t able to get their transaction data into 22seven.

Yodlee’s access appeared to be restored some weeks after Absa cut them off, with users reporting that their data was being updated again.

However, according to Absa they didn’t restore or enable access to Yodlee. “We are aware of the varying tactics being employed by third party aggregation sites that pose a clear risk to our customers’ security, and we continue to work to close any gaps that could potentially allow a third party access to our customers’ personal details,” Absa said.

An Absa spokesperson explained to MyBroadband that the bank would cut off Yodlee in future if it discovered a security hole that needed to be closed.

Original article about 22seven, Yodlee and Christo Davel (Founder of 22seven) available from MyBroadBand Business News: