Financial Aggregation Software


(Ben) #1

Hey!

I’m looking at ideas for my final year project, and I’m thinking of creating a financial aggregator. Something like MoneyDashboard but without the unlimited liability that comes with allowing a third party to use and store my security credentials - it’ll run entirely on the local machine (using JavaScript in the users default web browser for most of the heavy lifting, and probably a Java applet to get around CORS issues when screen-scraping legacy banks - this will help achieve cross-platform compatibility and make an Android app fairly low hanging fruit too). Yolt looks interesting but isn’t available yet :frowning: .

I’m hoping to integrate Monzo (and other FinTech providers with “nice” APIs) and the UK high street banks (by scraping online banking - looks like I’ll get 97%+ compatibility by supporting 8 high street banks and their subsidiaries).

Anybody got any thoughts / suggestions?

Cheers,

Ben


(Alex Sherwood) #2

That sounds really cool!

In case it’s helpful, here are some desktop apps that’ve been built for Monzo (only) already -

Also, you should join the developer’s Slack team, to bounce ideas around & ask the Monzo team questions if necessary.


#3

Yolt is available on Android as I am currently using it (but not for my Monzo account) but maybe like other companies they are rolling it out in batches to those who registered their interest first

For me the big plus is they are part of ING bank and not just some software firm, so I trust them to access my other accounts


(Ben) #5

Yeah, I’ve registered my interest, I’m currently waiting for a spot in the beta!

Do you know / can you work out how they aggregate the data? Are they using a third party aggregator like Yodlee?


#6

I am not sure but assumed it was written in house by the ING techies


#7

Worth checking https://teller.io for legacy banks (or just for inspiration)


(Ben) #8

Alas - using teller means that I’ll be giving security credentials to third parties. One of the key reasons for me to develop my application is to avoid doing that :slight_smile:.


(Ben King) #9

I can almost completely guarantee you that giving security credentials to a third party would be more secure than attempting to do it on your own.


(Ben) #10

Ben - would you mind explaining a little further? Passwords can be stored using standardised encryption (with the key itself encrypted using a password) - I’m sure many people on this forum use tools like KeePass to manage their unique passwords for each website. Online banking pages can be scraped over HTTPS - so this will be no less secure than a web browser (arguably it’ll be more secure - the user won’t be able to click “continue anyway”!). The plan is for all of this to happen on the users local machine - the only web requests will be to bank websites over HTTPS (and possibly to GitHub to check for updates - still thinking about it).


(Tommy Long) #11

I’d definitely recommend you look at something like Electron, rather than using a Java applet.


(Ben) #12

Will that work? My reason for using Java is because I get hit by CORS when scraping online banking using JavaScript - I’m assuming I’ll have the same issue with Electron?


(Christopher Tilley ) #13

How would this be different from, say, Moneyhub or similar existing services?


#14

Simplifying slightly, but Electron would be to JavaScript what Swing is to Java i.e. a means of building your UI. Anything you could do with Node (think server-side code) you could do with Electron.

Probably best to go with whatever language you’re most familiar. I think scraping will be challenging whichever you choose. Using a headless browser might bring you more luck than simply trying to scrape HTML. I think Teller actually resorted to reverse-engineering the respective mobile apps because this was less fragile.


(Ben) #15

MoneyHub stores your security credentials in their database. If that database gets hacked you’re exposed to unlimited liability to fraud committed using your security credentials. I plan to encrypt your credentials (think KeePass - I don’t intend to roll my own crypto or anything crazy like that!) and keep them on your computer, only sharing them with your bank.


(Ben) #16

I’ve edited my OP to clarify my thoughts on tech stack - I certainly wasn’t going to develop my UI using swing! Basically the sole purpose of Java is to provide secure storage (handle encryption / decryption of credentials) and an API on localhost for legacy banks (whose online banking interfaces I’d need to scrape - I’ve run into CORS issues using pure JavaScript, but Python seems to work fine).

I don’t have too many concerns about scraping - I’ve managed it successfully using Python, and I think I’ll be able to port my code / logic over to another language fairly easily.


(Edward) #17

This sounds like YNAB (You Need A Budget) prior to them switching from a single-purchase locally run software model to a ‘cloud based’ subscription model. I still use YNAB 4 daily as my budgeting software across Windows and Android. At the moment, Transactions are entered either manually (for Mondo, which basically has no desktop presence at all at the moment) or for my other accounts by exporting transaction lists in a standard format.


(Alex Sherwood) #18

If you’ve got some tech skills - the set up looks pretty simple - it might be worth checking out this app :eyes:


Targets
(Ben) #19

I’ve got a compilers exam tomorrow so I’m not going to look at YNAB right now - but I suspect you’re right.

I intend for my application to automatically import data from online banking (by screen scraping - I’ve already had a fair degree of success) - so no more signing in and exporting as CSV.


(Edward) #20

I gave it a try, but it looks like its intended for the newer YNAB version: setup requires a username and password, which YNAB4 does not have, and following the ‘deploy guide’ just ends up with an error on Heroku and nothing happening on the YNAB end after adding the webhook to Monzo.


(Edward) #21

Maybe look at importing the MiData format, as that is standardised across all UK banks.