“We believe in the use of APIs and tokenizing so the credentials aren’t shared and the process is ultimately transparent,” Gaston said. “Customers' sharing credentials with third parties is not secure, and we want to provide transparency and control, so we want to know which specific bits of information have been taken so we can make sure the customer understands and has the opportunity to consent. We think APIs are the best way to achieve that.”