Plaid Support & Security

Learn how we use Plaid to make your life easier

What is Plaid?

Plaid is a technology company that provides a platform for users to connect and manage their financial accounts, including investment accounts. The platform allows users to securely connect to their financial accounts, and use that information to track their spending, manage their budget, and make investment decisions.

In the context of downloading investment transaction history, Plaid allows users to easily and securely access their investment transaction data from a variety of institutions, including brokerage firms, and use that data in financial management and investment tracking applications. This can save the user time, especially if the user has multiple investment accounts, so that they don't have to manually download statements and organize them. Additionally, since the data is coming directly from the financial institution, it is considered more reliable and accurate.

Why link your account?

My Trading Journal (MTJ) has implemented an advanced parser that parses the data from Plaids API service which supports more than 10,000 financial institutions. After authentication with your financial institution, it only takes one-click to download your transaction history and start viewing statistical data to journaling your progress. It can't get much easier than that.

Plaid allows MTJ to download your investment transaction history data in a completely safe, trusted, and secure way. MTJ never stores any user data from Plaid. Plaids services are well-known and trusted world-wide and MTJ is an approved and authorized application supporting Plaids API.

Is my data secure?

Yes! Your data is secure. My Trading Journal (MTJ) not only follows all industry encryption standards but also maintains only the minimum possible data required to support plaids integration. NO data that is fetched is saved or stored anywhere. All transaction history requests are fetched, parsed, downloaded directly to the users device, and then immediately deleted.

The only user data that is stored on MTJ's servers are the encrypted Access-Token and Item-ID provided by Plaid. This data is anonymized, encrypted, and securely stored, and can only be decrypted with data provided from the users device running MTJ and a key stored and encrypted on MTJs servers. MTJ also follows Plaid's best practices and design guidelines for storing and accessing user data.

In addition to all the security measures implemented. All access-tokens and item-IDs are automatically rotated every 30 days.

What's the worst that could happen if a data breach occurred?

Let's hack this database hollywood style and find out!

Story Time

In the heart of Silicon Valley, an elite team of hackers sat in their dimly-lit underground bunker, their eyes glued to the screens in front of them. They had set their sights on one of the biggest and most secure databases in the financial world: the servers of My Trading Journal.

With lightning fast fingers and an arsenal of the most advanced hacking tools, the team set to work cracking the impenetrable defenses of the database. But this was no ordinary hack. The data was encrypted with multiple layers of security, each one more complex than the last. But the team was not easily deterred. They worked tirelessly, pouring over lines of code and running simulations, until finally, they found a vulnerability.

With a sly grin, the team leader typed in the final command, and the servers of MTJ lay open before them. The first thing they would notice, is that they could not do anything with the data unless they knew both a unique piece of data from the users device and the key (which is stored far from the reach of the database). All they had was a long string of scrambled data! They became angered as their journey was far from over. They still had to decrypt the data, and it was heavily encrypted (plus there exist thousands of ways to encrypt data, so they would need to figure out 'how' the original data was encrypted as well). But these were the best hackers in the world, and it is Hollywood, so in one scene they quickly wrote an algorithm to decrypt everything.

With the data in hand, they scoured the servers, searching for the one thing they wanted: full account access (which is impossible as MTJ is never granted this type of access). But they quickly realized that the data was still restricted by Plaid's security policies. They would need another key to unlock it: the secret client id.

Well... at this point, what do they have? They have a long string of data (access token) that is restricted by Plaid own security policies. What does this mean? It means that they can't use the access token's unless they also have the secret client id for interacting with Plaid and MTJ. This 'client ID' (which is also rotated regularly) can be rotated at a moments notice. Aka, if MTJ was notified that a data breach had occurred, all tokens and the client ID would be rotated within an hour of notification.

Determined to succeed, the team set to work cracking the client id. It was a race against time, as MTJ could rotate the id at a moment's notice. But the hackers were relentless, and finally, they succeeded. With the client id in hand, they downloaded all the user data before any security protocols could be triggered.

But what did they find? All they had was the investment transaction history, the last 4 digits of the account number, and a financial institution's reference id (Which requires yet another request to decode), nothing could be done with this data, it was worthless. MTJ's encryption was simply too good. And as the team retreated back to their bunker, they knew that the data was secure, and that their hack had been for nothing.

So is your data secure? Yes. My Trading Journal follows all industrial encryption standards and maintains Plaids recommended design for all data fetched and stored

Is Plaid Free

Unfortunately, no. Plaids services are not free and are based on a subscription plan. However, linking one broker is always FREE and included with your MTJ subscription. That is, one financial institution can be linked at a time within one month. This design is based on Plaids subscription model. Also note, that if you have multiple accounts at the same broker, this only counts as only 1 linked account. So you can link as many accounts that you have under one login.

If you have multiple brokers and would like to link them as well, MTJ has implemented an at-cost subscription add-on for doing this. I understand the struggles of learning how to day-trade so I'm trying to keep MTJ as low priced as possible 💪. Offering an incredible application for the price of a Starbucks latte per month.

Also note that the legacy brokers are still supported and free to use. As well as the Generic Broker (found under legacy brokers), that can import a .csv transaction statement.

How does Plaids subscription service work

Included in the MTJ subscription is 1 free link per month. That is, one financial institution can be linked at a time within one month. The design is based on Plaids subscription model. Also note, that if you have multiple accounts at the same broker, this only counts as only 1 linked account. So you can link as many accounts that you have under one login.

Plaids subscription billing cycle resets at the end of each calendar month (UTC time). If you want to link a new account and don't want to upgrade, you should wait until the end of the month to unlink your current account, then link a new account at the start of the next month.

Press the 'sync' button on the Broker Integration page to update the table and display how many linked accounts you have used this billing cycle.

MBS 3x, mo 4/6

In the above e.g, 4 is the number of linked accounts this month and 6 is the number of links allowed under your current subscription. The number of linked accounts per month resets at the start of a new calendar month. It will reset to match the actual number of linked accounts currently active.