7. Have banks given Planto permission to access my data?
Planto is not in partnership or related to any banks in Hong Kong. Your financial data is aggregated using a method called 'screen scraping' - a method where users input their online bank credentials (including OTP, 2FA, etc.) and provides consent to retrieve transaction data from the bank's platform. This is a common practice by platforms that integrate thousands of banks globally, helping millions of customers. Planto does not store your personal sensitive information and only retrieves financial data that appears on the app and as per our Privacy Policy. Planto has built this screen scraping method in-house to ensure the highest security and that your data is NEVER exposed to any other third-party without your consent.
8. Does Planto support Two Factor Authentication?
Planto supports multiple forms of authentication including 2FA, token and mobile authentication. We currently support this for HSBC, SCB, BOC HK, ICBC and DBS and will continue to expand the list.
https://www.planto.hk/en/security/overview/