1
votes

A client I work with wants to know if it's possible to use the Yodlee API to look up recent transactions on any credit card.

They'd like it to work without the user needing to be signed up with Yodlee, either directly at the site, or indirectly through a branded partner.

I assume this would be possible if the credit card company itself shared it's transaction data with Yodlee directly, and made it available to their API customers, but I haven't been able to figure this out from the docs available on their website, and haven't been able to reach anyone at Yodlee themselves to ask.

2
I haven't received any feedback on this from Yodlee themselves, but from this blog post by a recent Yodlee implementor, it appears that users must sign up with your site before you can look up transactions on their card by card #: blog.luksidadi.com/yodlee-integration/#comment-1544Brad Parks
The credit card companies don't share any data. It's the cardholders bank that shares the data. That is why the cardholder must sign up (via their bank). Also - did you reasonably expect to be able to fetch transaction data for any random person's credit card? That seems to be open to massive amounts of misuse.PaulG
I asked a question. I didn't expect anything ;-) The world is a world of free choice, and fine print... I'm sure it could be in the Yodlee fineprint somewhere that if you said yes to any of their 3rd party cobrands, that the data was available to any cobrand. I was asked this exact question by my client, and tried to find an answer from Yodlee's docs, phone, email, and forum support with no answer. So reasonable to ask a question where fine print could have allowed this to happen? I think so.Brad Parks

2 Answers

3
votes

I work for Yodlee. Sorry to hear you're having a hard time getting a hold of us. To answer your question, yes the user has to explicitly authorize any application that leverages the Yodlee API and explicitly add access to their financial accounts for that application.

Best, Grace

1
votes

Yodlee screenscrapes websites to retrieve it's information.

Which means that they physically (but in an automated fashion) visit the website in a browser (IE8). Thus to pull any information down they have to visit the website, log in successfully, (optionally but more so on more banks; authenticate the computer) and then they can see all of the information that the user sees. Their API acts as a real time bridge between you (the end user using your website or app) and this browser.

So you have to either implement their very much so convoluted Yodlee API or use one of their generic hosted pages and direct the user to it where upon he/she enters the necessary information. You also have to have an agreement with them too. You also have to convince the user to do it :)