What do I need to know about sharing my account information with third parties?
Bank of America values customer choice and wants you to securely access your information when and where you want. Sharing your account information with third party apps and websites can potentially expose you to privacy and security risks and should be carefully considered.
Any data shared with a third party will be governed by the third party's privacy and data retention policies. We recommend reviewing those policies before sharing your data to understand how the third party will use and store your account information. For example, look for whether they sell any of your information and what happens to your data if you leave the service or it goes out of business.
For additional information, go to Privacy Notices and Choices to view the Online Privacy Notice.
Is it safe to share my login information with third parties?
When you share your login information with a third party, they have the same access to your information as you do. This means you usually can’t choose how much information they can access. Furthermore, they store your login information, which could be compromised if they have a security breach. Even if you’re not actively using the third-party service or you stop using it, they could continue to access your information.
What is Bank of America doing to make the info I share with third parties more secure?
We've introduced a more secure way for third-party providers to access your Bank of America accounts. Instead of sharing your login credentials, you'll log in directly to Bank of America and give your consent to share your data safely. You can view a list of third-party services in Mobile or Online Banking who access your data, but use our more secure method, and you can revoke your permission for them to access your account information at any time.
How do I benefit from third parties using Bank of America's secure data-sharing protocol?
- Security - the amount of data third parties can access is reduced, and the need for third parties to store and use your login credentials is eliminated
- Transparency - you gain insight into what specific data elements are being shared
- Control - you can revoke your consent to any third party at any time
How do I revoke access to my account information for a third party that is not using Bank of Americas secure data-sharing protocol?
If you shared your login information with a third-party app, you can try to remove access directly from the app or service, but the safest and most secure way is to change your Bank of America password.
What happens If I choose to revoke access to a third party that’s using my login information?
If you revoke access, the third party will no longer have ongoing access to your account information. However, they may still be able to retain and use the data that you previously shared, thus why it is a best practice to change your Bank of America password.
Sharing your User ID and Password with third parties can mean they have the same access to all your financial information as you do (you won’t be able to choose how much to share). Some of these services store your login information, which could be compromised if they have a security breach.
To help protect your information, we suggest you:
We’re working with many services to implement a more secure way they can access Bank of America accounts without requiring you to share your User ID and Password. You can log in to view a list of third-party services that are using our more secure method, and you can revoke access to your account information at any time. If your list isn’t displaying a specific third party to whom you’ve given access, it means we’re still working with them to implement our more secure solution.
