The last time Hackerfall tried to access this page, it returned a not found error. A cached version of the page is below, or click here to continue anyway

Big Banks Lock Horns With Personal-Finance Web Portals - WSJ

Nov. 4, 2015 7:30 p.m. ET

J.P. Morgan Chase JPM 2.03% & Co. and Wells Fargo WFC 0.61% & Co. are snarling the flow of data to popular websites that help consumers manage their finances, according to people familiar with the matter.

Banks, facing increasing competition from these companies, are becoming more protective of their customer information and are limiting how much data they pass on. The moves also reflect growing concern within the banking industry that rising use of such sites will overload bank servers, on top of worries that customer data could potentially be vulnerable to hackers.

The banks have been grumbling for months that so-called aggregator sites could present growing risks to consumers because of the detailed financial information the sites require from users. The tensions reached new heights in recent weeks when J.P. Morgan and Wells Fargo restricted customers of Mint, one of the most popular aggregators, from accessing their bank account information for at least several days, these people said.

J.P. Morgan Chief Executive Officer James Dimon expressed concern about the issue in a recent meeting with Richard Cordray, head of the Consumer Financial Protection Bureau, said people familiar with the interaction.

Representatives of J.P. Morgan and the CFPB declined to comment on the meeting.

Sites such as Mint tout their services that give consumers one place to view all of their financial data. Customers who sign up for these services typically provide their passwords and other login information for their various financial accounts.

The sites then collect myriad dataoften including bank accounts, credit-card balances, frequent-flier miles and retirement savingsto help consumers with budgeting and other financial planning. An aggregator, for example, can tell consumers when they have spent more than their monthly budgets on dining out.

Mint is a unit of Intuit Inc., INTU -0.19% owner of personal-finance software Quicken.

Mint said that delivering secure and seamless connectivity is a shared priority across Mint and our financial institutions partners.

These types of sites have been around for years, but banks have become more concerned as they proliferate and offer an increasingly broad range of additional services.

The banks argue that consumers may unknowingly be putting their data at risk because they keep so much of the confidential information in a single place, said people familiar with their position. In addition, it isnt clear if consumers finances would be protected if they willingly handed over their confidential information to a site that was later hacked, they said.

That issue hasnt been tested because no aggregator has been the victim of a known major data breach.

The evolving relationship between the banks and aggregators is complicated, partly because the banks sometimes partner with these firms to provide the services for their customers. Some big banks pay aggregators to power the financial-tools platform on the institutions websites.

In recent weeks, J.P. Morgan Chase shut off, or throttled account access to Mint and its customers because the bank was being flooded with data requests from the company at a time when traffic was already high on the banks website, said a person familiar with the matter. The action essentially prevented Mint customers from accessing their Chase accounts through the Mint platform.

The person said the decision to cut off Mint was more of a technical matter than a shot across the bow to warn aggregators that they could turn them off at any time.

At Wells Fargo, the bank added an additional level of security to its accounts last month that prevented aggregators from being able to automatically retrieve customer data, according to a person familiar with the matter. A Wells Fargo spokesman said in a statement that the move may impact the ability of financial aggregator services to gather customer information.

The issue isnt confined to those two banks. The Clearing House, a bank-industry organization, has recently been trying to assess potential risks and security gaps the sites could present, but hasnt yet issued any recommendations. The organization is responding to increasing complaints from bank executives, said a person familiar with the matter.

Some banks also are warning customers on their websites that they face security and privacy risks when providing confidential data to third-party services.

The campaign from the financial industry represents a renewed effort by banks to keep their customers at a time when they are facing competition from a growing number of well-funded startups.

In many cases, those startups are trying to pry away pieces of bank business, while using the banks data or technology infrastructure.

Some argued that banks are on the wrong side of the technology revolution by trying to restrict the flow of data.

We should live in a world where consumers should have access to their full transaction histories and shouldnt need permission from the president of a bank to make that available to other service providers, says Thomas Brown, a partner at law firm Paul Hastings LLP who represents companies that utilize financial data.

Some consumers likewise said they are not dissuaded by potential privacy risks. David Goodman, a 25-year-old software developer from San Francisco, said he checks his Mint mobile app more than 20 times each day and was frustrated recently when he couldnt access his Chase account through the site for about a week.

I use Mint because I love it. I only use Chase because thats the account my parents first set me up with when I was a teenager, he said.

People familiar with the banks said that they are likely to continue restricting aggregators to prevent overwhelming the bank websites. By doing so, however, banks may risk losing customers like Mr. Goodman.

—Bradley Hope and Daniel Huang contributed to this article.

Write to Robin Sidel at robin.sidel@wsj.com

Continue reading on on.wsj.com