When your merchant partners with Stripe to access your financial data, they’ll embed Stripe’s authentication flow in their product to enable you to seamlessly link your account. In the authentication process, you’ll be able to see what data your merchant is requesting to access, and you’ll be able to choose which account(s) you want to share with your merchant and Stripe. You can also choose not to link your account.
If you consent, Stripe can successfully establish a connection to your account in one of two ways:
In some instances, when you input your login credentials in the credential pane, you may be logging into your financial institution via an OAuth connection. In these cases, your financial institution login screen will open in a new window and display the url of the financial institution’s website. After you input your credentials, your financial institution will then provide Stripe access through a token that we will use to regularly obtain updated data that you’ve agreed to share from your account.
In other instances, when you input your login credentials in the credential pane, you are providing your credentials to Stripe and/or one of our trusted service providers. Stripe and/or our service provider may store and use your credentials to regularly collect updated data and provide it to your merchant.
Stripe will retain the data that you’ve consented to share and also make a copy of the data requested by your merchant available to them. If your merchant would like to access additional types of data from your account in the future, they will need to collect additional consent from you. We do not share your login credentials with your merchant.