Recent revelations that some companies haven’t treated data with all the respect it deserves should serve as a reminder to think about who has access to your data and how it's being used.
One way your data may be accessed is through ‘screen scraping’. You might not have heard of the term before, but it’s an important one to know.
What is screen scraping?
In the simplest terms, scraping is a process of automated data gathering.
Technopedia has a slightly more technical definition:
“Screen scraping is the process of collecting screen display data from one application and translating it so that another application can display it.”
So, screen scraping lets interfaces (like Moneytree) access data from other interfaces, legacy systems, or systems not originally built with data portability in mind.
Why is scraping necessary?
Helping systems ‘talk’ to each other is fundamental to how the internet operates. When you’re online, chances are there’s scraping technology running in the background, helping to deliver that seamless experience you’ve come to expect.
In Australia, we are lucky to have world class internet banking and great mobile banking experiences. However, many services are only provided through the financial institution’s own app or website, meaning that if you do your personal banking with one bank, but run a business through another, you have to login to each app separately. Most credit cards, securities, and loyalty programs are also on separate apps or websites.
All that switching can make it hard for people to have a clear understanding of their actual financial position. Using scraping, Moneytree allows you to view accounts from different banks, credit cards, and other financial products (like your Super), in one place.
There are alternatives to screen scraping, such as direct connections to third-party apps and services. These connections are called APIs, or Application Programming Interfaces. You’ve probably been hearing a lot about APIs, as the Australian government is currently reviewing how APIs should be provided. The proposed legal framework behind making APIs available to third parties is called ‘Open Banking’.
But legislation takes time to become law, and systems take even longer to implement. Until APIs become widely available and implemented, services like Moneytree will still rely on screen scraping to gather essential data on behalf of their users.
Is screen scraping safe?
Some parties assert that when a scraper logs into a service on your behalf, that scraper is impersonating you.
In truth, screen scraping is just a tool; and, like any tool, scraping can be utilised by anyone. So, a better question might be, “How do businesses like Moneytree scrape in an ethical, safe, and secure manner?”
Let’s start with how the technology works. It’s probably easiest to imagine scraping technology as a web browser, take Firefox for example. Starting from there, we add some automated process, and layer-on additional security to harden the browser against potential attacks.
Moneytree only accesses data for users who have expressly authorised us to do so. Our strong privacy policies eliminate the potential misuse of credentials like usernames and passwords.
Moreover, Moneytree delivers bank-level security, including end-to-end encryption and strong internal controls for limiting how and when data is accessed. Our Security Q&A blog post tells you more.
Our service does not circumvent any existing security measures. If your bank requires additional information, like a one-time password to view your account, Moneytree displays that request in the app.
Moneytree already has over a dozen major bank partners, all of which required full security audits; many even required on-site inspections of our premises and hardware security infrastructure before agreeing to work with us.
How often does Moneytree screen scrape?
Our active users open Moneytree app an average of three times a day, so we provide four refreshes. If you’re too busy to check Moneytree, we’ll refresh in the background once a week so that you can still get alerted to important transactions like incoming and outgoing payments. Subscribers to our Moneytree Work Expenses service can get updates on demand, plus an automatic daily background update for good measure.
Moneytree can only update your data as fast as your financial institution does. Many financial institutions manage similar transactions as groups, often called ‘batches’, and process those batches on a schedule. As a result, you might not always be able to access your latest information in real-time.
What does Moneytree do with my data once it’s been scraped?
Keeping your data secure is at the heart of how Moneytree operates. We’re committed to security, privacy, and transparency. __ __Ready to take a proactive approach to managing your finances? It’s easier with Moneytree.
Author: Moneytree Team
Giving you the skinny on spending, saving, and everything in between. We're sharing our favourite tips, trips, tools, and insights, to help you get more out of your money.