Coinbase’s ’Data Plumber’ Denies All Allegations – Coinbase’s “data plumber” denies storing users’ login credentials in plain text along with all the other allegations in a new class-action complaint.

A source close to Plaid — the company that serves as a “data plumber” to Coinbase, Robin Hood, Square’s Cash App and many others — denied all allegations of the class-action complaint that was recently filed.

The entire complaint hinges on the allegation that Plaid sells user data to the “highest bidder.” A Plaid spokesperson called this allegation “baseless.”

See more: BCH Backer Claims Bitcoin Wallet Double-Spend Issue Hasn’t Been Fixed

A money-making operation?

A source close to Plaid’s legal team, speaking to Cointelegraph on the condition of anonymity, reaffirmed that the company has never sold user data in any shape or form. They also opined that this is just a “money-making operation” for the lawyers:

“They see companies in a particular position, like getting acquired or having an investment. And that’s a big money-making operation for them.”

This statement refers to the fact that Plaid is in the process of being acquired by Visa — a deal that has not yet been finalized. This puts Plaid in a vulnerable position.

Visa did not respond to Cointelegraph’s request for comment.

PNC Bank blocked Plaid in 2019

The complaint alleges that Plaid collects data going back five years and going forward “in perpetuity.” It also allegedly collects health-related data without storing it in compliance with the Health Insurance Portability and Accountability Act, or HIPAA. Our source assured Cointelegraph that Plaid only stores the amount of data necessary for the services it provides. They also said that the company does not intentionally collect users’ health data.

The source also denied the allegation that Plaid stores users’ login credentials in “plain text,” making it vulnerable to hackers. On the contrary, the company takes “security very seriously,” the source said.

The complaint mentions a case from 2019 when PNC Bank blocked Plaid. It states that the reason was that “aggregators access account numbers, many store them indefinitely, often unbeknownst to customers.” Our source declined to comment on this case.

Coinbase relies on Plaid

Coinbase’s website confirms that the company relies on Plaid for account verification and the data is never shared with the exchange, rather it stays with its “data plumber”:

“For US customers, you can verify your account in just a few minutes by entering your bank credentials. You may be familiar with this process if you’ve ever verified a bank account on Paypal or similar services. These banking credentials are never sent to Coinbase, but are shared with an integrated, trusted third-party, Plaid Technologies, Inc., to facilitate instant account verification. This service may store the provided credentials for verification purposes or use them on a per-transaction basis for fraud prevention, and to help verify a sufficient balance is available to process your transaction.”

Coinbase has not replied to our request for comment in time for publication.

As we have learned from numerous legal cases, a resolution may take some time. On the other hand, Plaid’s unfinalized acquisition places it in a vulnerable position. That may lead this case to a settlement sooner than would be otherwise expected.

The plaintiff’s legal team did not respond to Cointelegraph’s inquiry.

Follow Cointelegraph

Pin It on Pinterest

Share This