> On Jun 16, 2020, at 2:23 PM, Jean Laroche <rip...@gmail.com> wrote:
>
> People,
> In the past week, my credit union (Patelco) retired their OFX server which
> means it's no longer possible to download transactions using OFX. You can
> still do it manually by logging into your account etc, but it's no longer
> possible to use tools like ofxclient, ofxget and probably aqbank as they all
> rely on the same data.
> I've contacted them and asked them to reconsider but I'm not holding my
> breath.
> So my question is: What alternative is there?
> Are there 3rd party tools, aggregation services that can gather the
> transactions, from which it's possible to download into GC?
>
> At the moment, I'm using selenium (a tool to automate your browser) to do the
> various clicks required to download my transactions, but that's very
> fragile...
> Of course, I can also switch bank.
Jean,
>From
>https://www.patelco.org/-/media/patelco/pdfs/member-support/digital-banking-services/express-web-connect_windows.pdf
> it looks like they switched to OFX Web Connect. Unfortunately that's been the
>trend for the last 10 years, and I imagine that it's an easy sell to the banks
>considering the weak security offered by OFX Direct Connect. That also means
>that switching banks is at best a short-term solution because of that trend:
>The new bank is likely to do the same thing sooner or later.
I think the only really feasible workaround is to reverse-engineer the Web
Connect authentication. That would mean installing Quicken and setting up and
using OFX Web Connect while monitoring the traffic with wireshark.
https://redflagsecurity.net/2019/03/10/decrypting-tls-wireshark/ might be
helpful for decrypting the authentication traffic with the browser. No doubt
the quicken connection will also be encrypted so you'll need to find the keys
for that too to be able to interpret the traffic--and working out the key
exchange between Quicken and the bank will also be necessary. Frankly I would
expect a low probability of success without help from a crypto expert.
Regards,
John Ralls
_______________________________________________
gnucash-devel mailing list
gnucash-devel@gnucash.org
https://lists.gnucash.org/mailman/listinfo/gnucash-devel
