Just like UPI helps people share money between bank accounts seamlessly, the new Account Aggregator framework (AA) will help people share their financial data quickly and safely.
In the early days of UPI, people felt a lot of apprehensions. Is UPI safe? Is it okay to link my bank account to an app like BHIM? How will the app be able to make transactions for me? How can I make sure that I don't make a false transaction?
Since then, most of us have learnt our way through UPI without falling prey to UPI scams and frauds. However, as AA apps start launching, we will have the same apprehensions about the AA ecosystem. Will the AA apps be safe? Will I be able to share my data securely?
This post helps debunk myths around Account Aggregators so you can feel safe adopting these new apps.
What is an Account Aggregator?
Just like how a UPI app facilitates the transfer of funds from one bank to another, an Account Aggregator will be used to transfer financial data.
Here's what you can do with an AA:
- Discover and link your accounts with Financial Information Providers (FIPs). FIPs are the organisations that hold your financial data — e.g banks, insurance companies, mutual funds, pension funds, etc.
- Give consent to share your information with a Financial Information User (FIUs). FIUs are organisations that consume financial data to provide consumer services — e.g. lending agencies, insurance companies, personal wealth management companies, etc.
- See the history of your data sharing and revoke any consent.
Let's go through an example. Suppose you need to send your bank statements to your insurance agency.
Today, you have to go to your bank branch or online banking, download your bank statements, attest them, and deliver or send them to the insurance agency. But with Account Aggregators, everything will happen digitally.
An AA app is like Dunzo, picking up something for you and delivering it to another place.
You will open your AA app and link your bank account. This lets the AA, aka your Dunzo driver, access and fetch your banking data.
For a Dunzo delivery, since all orders and communication happen within the app, everyone involved knows that your Dunzo driver is legit. Similarly, since the entire data transaction happens with the AA protocol, the bank will know that your request is valid.
Next, the AA app will fetch your account information from the bank in an encrypted form.
Just like Dunzo can't look inside a package you send, an AA will be data-blind. It will know the details of your transaction, but it will not see any of the data that you are sending.
Next, the AA will deliver your data to the insurance agency.
There's no need to follow up or send clarifications about your data. The insurance agency will be given all the information it needs — the consent to access your bank statements, how long the consent lasts for, how many months of statements you've shared, whether all your statements are available, etc.
Just like for a Dunzo delivery, once your bank statements have been delivered safely, both you and your bank will receive a notification.
Learn more about Account Aggregators: how they work, how they were created, and how they'll transform the fintech industry.
Myth #1: If I link my financial account to an AA, it will store my information.
Think of an Account Aggregator as a postman. Its job is to know that you have asked it to deliver a sealed envelope from Point A (an FIP) to Point B (an FIU). Just like how a postman can't see inside your envelope, an AA can't see the details of your request.
AAs are data-blind. At most, they will know that you are sharing certain information provided by an FIP to an FIU. They may temporarily store your encrypted information in their servers. (This allows them to aggregate information from other FIPs and then send it all to FIUs, much like how a postman will collect various letters and then deliver all of them to you at once.) But they can't view that information.
Linking your account to AA is quite safe. They only save information about the FIPs linked to your account to help you transact easier. They will never have access to your actual bank statements, loan bonds, tax returns, etc.
Myth #2: If I link too many of my financial accounts to an AA, they will be able to profile me.
Again, this isn't possible.
Account Aggregators are data blind, and they can't read the data you share using it. Their job is to collect data requests for you and share information on your behalf, like a postman.
No matter many accounts you link, an AA won't be able to see the details of your bank accounts or any other financial information, which would be necessary to profile you.
Myth #3: AA apps can share my data without my consent.
Account Aggregation is based on a tightly thought-out consent architecture whose core tenant is data privacy and security.
AAs will require explicit consent on every data transaction that you do. AAs won't be able to download data from a FIP without an explicit consent request being raised or approved by you. And, just like you have to approve a UPI transaction in the BHIM app, you will have to enter your secure AA PIN on an AA app to approve every transaction.
Also, as per the Reserve Bank of India's Master Directive (which lays out rules for AAs), Account Aggregators can't be in any other business. They can only be an AA. This prevents an AA from establishing a side business and selling your encrypted data.
Myth #4: If I give consent once, an AA will have access to my data forever.
Every consent will only be valid for as long as you want.
There are two types of consent: one-time consent and recurring consent.
- In a one-time consent, your data will only be shared once.
- In a recurring consent, your consent will only be valid for a certain amount of time (which you set).
Let's say I want to share my bank statements. I can choose to share the last three months of bank statements once, or I can share bank statements with an FIU once a month for the next three months.
When and how your data is shared totally depends on the request an FIU makes and whether you consent to that request.
Moreover, you will always have access to your consent logs, and you can revoke consent anytime. For example, even if you had given consent for three months, you can revoke the consent after two months. After all, it's your data.
Myth #5: There will be far too many AA apps, just like all the UPI apps (BHIM, Google Pay, PhonePe, etc.)
Yes and no.
Yes, there will be multiple Account Aggregator apps in the market. In fact, right now, there are already seven registered AAs.
Currently, consent history can't be shared across AA apps. However, if better data portability and sharing was added as a feature, it would mean that people could use just one AA app of their choice and keep all financial records in one place.
Myth #6: Using AAs will lead to more data theft, since bank statements can be shared in a few clicks.
Actually, your financial information is more at risk in the non-AA world.
How many times have you printed your bank statements, got them attested, and then gave them to some other institution? There are more chances for misuse — a bank employee can take photos or make photocopies and sell your data, or you might forget your bank documents in a public place.
With Account Aggregators, you are giving explicit digital consent for data sharing. It's like moving from paying with cash to a UPI app — no chance of someone stealing your cash anymore!
Moreover, with AAs, you will always have a written record of who is using your financial data and for what purpose.
Myth #7: With so much data sharing, I won't be able to track who is using my data and why.
This is a half-myth.
Yes, Account Aggregators will increase data sharing. That's the whole purpose — to help you share your confidential financial information securely and privately.
However, AAs make it possible to track every data transaction that you make, which is difficult to track in the non-AA world.
Myth #8: Someone could see all my financial details if they open my AA app.
Security is at the heart of the AA ecosystem, so AA apps won't expose all your financial details.
When you link your financial accounts with AA, even the AA app can't see your entire account number. The data is shared with the AA app as masked information.
Even if you leave your phone open by mistake, and someone looks at all your accounts, all they will be able to see the last four digits of your account number. And they won't be able to do anything with your accounts unless they enter your secure AA PIN.
The TL;DR version
To sum it up quickly...
- An Account Aggregator is like a postman. It can send your financial data, but it will never be able to read or store it.
- You'll have to consent to every data transaction, so AAs can't share data without your say-so. You'll always know when your financial data is shared and with whom, and you can revoke consent at any time.
- AAs make your financial data far safer, even though it's quick and easier for you to share your data. All financial data is encrypted and masked, and even people who have your phone can't view it.
- An AA app can't view or use your data to profile you, and they can never go into a side business with your data.
- The RBI is limiting AA apps, which will be able to share your consent history from app to app, so there's no need for more than one AA app on your phone.
We hope this helps to debunk some of the common AA myths out there and gives you a glimpse into how the new Account Aggregator framework will work.
Have other concerns about AA? Write to us, or drop a comment below!