I’ve been keeping an eye on Teller for a while. There is additional discussion at Competitor update.
The owner is clearly is of the view that PSD2 (the coming EU legislation) and general API access is never going to be up to scratch, so he reverse-engineers, as you say. It’s definitely part of his plan to disrupt, agitate and pressure legacy banks into cooperation. He even tweets at legacy bank customers experiencing issues where he could help and asks them to help out by asking the legacy bank to cooperate.
However, he has agreed a level of proper integration with Nationwide, which interested me… he does this by getting a one-time code from your card+online banking card reader and passing it to Nationwide, who then allow him future access to the API. He doesn’t support bank transfers yet, but I believe he told me that this will be coming.
My problem is that we grant Teller full access - whether it’s by giving up the logins, or with a more advanced scheme (eg Nationwide). And if all my money goes walkies, I could be in trouble! I would happily give them read-only access. For those of us who understand Oauth2 - I want the legacy and challenger banks to provide clear scopes of access and allow me to choose which!