Aggregator Credentials

Stored brokerage and bank login credentials that aggregator services (Plaid, Yodlee, MX) use to sync your account data.

What it actually means

Aggregator credentials are usernames, passwords, and security-question answers that wealth-tracking apps store in third-party aggregator infrastructure (Plaid, Yodlee, MX) so the app can periodically read your account balances and transactions. The aggregator handles the actual login to your brokerage on your behalf, then exposes a normalized API to the wealth tool. The convenience: automatic balance syncing. The risk: if the aggregator is breached (Plaid 2022 settlement), every connected user's brokerage credentials are exposed.

Distinguishing it from look-alikes

Read-only aggregator integrations (where the wealth tool gets balances but cannot move money) are safer than write-access integrations, but both require credential storage in aggregator infrastructure. Manual-first wealth software (HELM) eliminates this entirely — operators enter values themselves; no aggregator credentials are ever stored.

Examples

HELM

Manual-first — zero aggregator credentials anywhere in the system

Mint, Personal Capital/Empower, Monarch

Aggregator-first — credentials stored in Plaid/Yodlee/MX

Direct API tokens (Coinbase OAuth, etc.)

Token-based — limited scope, no full credential storage