You may notice that some institutions require you to enter your username and password while others use a method called OAuth. This difference stems from the varying levels of technological adoption and security protocols employed by different financial institutions.
Username and Password Authentication
How it Works: This is the traditional method of accessing online accounts. You provide your username and password directly to our secure third-party partners (like Plaid or Flanks) who handle the authentication process.
Why it's Used: Some financial institutions, particularly those with legacy systems, may not yet support modern authentication methods like OAuth.
Security: Rest assured, your credentials are never stored by Peek. They are securely transmitted to our partners and used solely for the purpose of establishing a read-only connection to your accounts.
OAuth Authentication
How it Works: OAuth (Open Authorization) is a more modern and secure authentication method. It allows you to grant Peek access to your financial data without directly sharing your login credentials. Instead, you're redirected to your bank's website to log in and authorize the connection.
Why it's Used: Financial institutions that have adopted OAuth prioritize enhanced security and user control. OAuth eliminates the need to share your sensitive login information with third-party apps, minimizing the risk of unauthorized access.
Benefits:
Enhanced security: Your credentials remain solely with your bank.
Improved user experience: OAuth often offers a smoother and faster connection process.
Revocable access: You can easily revoke Peek's access to your data at any time through your bank's settings.
How to Tell When an OAuth Connection is Being Used
When connecting your financial accounts to Peek, you can usually identify an OAuth connection by these key indicators:
Redirection to your bank's website: Instead of entering your username and password directly within the Peek app, you'll be redirected to your bank's website or mobile app to log in and authorize the connection.
Explicit authorization request: Your bank will typically present a clear message asking you to grant Peek access to your financial data. This message will specify the type of data Peek is requesting and the duration of the access.
Option to review or revoke access: After authorizing the connection, you should be able to review and manage Peek's access to your data within your bank's online banking portal or app settings.
Peek's Commitment to Your Security
Regardless of the authentication method used, Peek maintains the highest standards of security and privacy. We work exclusively with trusted partners who employ robust encryption and data protection measures. Your financial information is always handled with the utmost care.
If you have any further questions about our authentication methods or security practices, please don't hesitate to reach out to our support team.