Secure your affiliate account
Affiliate Author's Corner
Chuck Marunde  

Secure Your Affiliate Payouts with Confidence: Security is Our Top Priority

When you sign up as an author or affiliate with BooksOnline.Club, you’ll be asked to connect your bank account so Stripe can send your payouts. At this step, Stripe gives you two options:

  1. Instant verification using Plaid, or

  2. Manual verification using Stripe’s ACH micro-deposit method.

Both options are safe, and neither Stripe nor BooksOnline.Club ever sees or stores your online banking password. However, the way Plaid works depends on how your bank connects — and it’s important you understand both possibilities.

How Plaid Works with Different Banks

Plaid offers two secure verification methods depending on your bank:

1. OAuth Flow (Most Common for Large Banks)

For most major U.S. banks — such as Chase, Wells Fargo, Bank of America, Capital One, Citi, and others — Plaid uses a modern, token-based process called OAuth.

When you select your bank during setup, Plaid redirects you to your bank’s own secure website or mobile app. You enter your login credentials directly with your bank, not with Plaid and not with Stripe.

Your bank then verifies your identity and sends Plaid a secure, encrypted token confirming ownership of your account. Plaid passes that token to Stripe, and Stripe uses it to connect your bank account for payouts.

In this OAuth scenario:

  • Plaid never sees your credentials.

  • Stripe never sees your credentials.

  • Your login is handled entirely by your bank.

This is the preferred method and is becoming the standard for most financial institutions.

2. Credential-Based Flow (Used by Some Smaller Banks and Credit Unions)

If your bank doesn’t yet support OAuth, Plaid uses its secure credential-based flow instead.

In this case, you enter your online banking credentials directly into Plaid’s secure interface. Plaid encrypts your credentials immediately and sends them securely to your bank once to verify ownership of the account. Once your bank confirms, Plaid exchanges your credentials for a temporary verification token, discards your credentials from memory, and sends the token to Stripe.

In this credential-based scenario:

  • Your credentials do briefly pass through Plaid’s secure servers, but:

    • They are encrypted in transit using bank-grade TLS security.

    • They exist in Plaid’s secure memory for only fractions of a second.

    • They are never stored on Plaid’s servers.

  • Stripe still never sees your credentials.

Even though this method involves Plaid processing your login temporarily, it is designed to be highly secure and meets strict financial industry security standards.

How Manual ACH Verification Works

If you prefer not to use Plaid at all, Stripe offers manual ACH verification. With this method, you provide your bank’s routing number and account number directly to Stripe. After that, Stripe sends two very small test deposits — usually less than a dollar each — into your bank account.

These test deposits typically take about two business days to arrive. Once they do, you’ll need to:

  1. Log in to your bank account to see the deposit amounts.

  2. Return to your Stripe account and enter the exact amounts to confirm ownership.

Until you complete this step, Stripe cannot verify your bank account, which means the entire process may take two days or longer depending on how quickly you confirm the deposits.

Manual ACH verification is just as secure as using Plaid, but it takes extra time because of the multi-step process.

Which Method Should You Choose?

If your bank supports Plaid’s OAuth flow, instant verification is the fastest and most secure option. Your credentials never leave your bank’s website or app, Plaid never sees them, and Stripe only receives a secure token.

If your bank doesn’t support OAuth, Plaid will use its secure credential-based method, which is still very safe but briefly processes your credentials in encrypted form before discarding them.

One reason hacking through Plaid is a virtual impossibility is that your banking information only arrives at Plaid “encrypted”, which means it is unreadable, but there’s another level of security. Your encrypted credentials never actual get on a Plaid server. They are only in RAM (random access memory or short term memory) for “fractions of a second” and then that memory is instantly deleted in constantly evolving “rooms” of RAM that are instantly deleted. None of your data ever gets reacorded on their servers hard data storage. There are actually multiple additional methods of security. Plaid’s computer servers that receive your encrypted account information have that encrypted data in random access memory for only milliseconds before it is deleted. In addition, that RAM is in randomly created RAM “rooms” that are constantly created for this purposes and immediately permanently deleted. All of this is secured in a place that does not have Internet access, so hacking into those servers is impossible unless someone is physically present at the server, but they would never know where that server room is or which server it is. Plaid uses Amazon’s secure server system, one of the highest secure servers in the world. All of these security measures do not even end the levels of security that remain. AI estimates that the actual odds of someone being able to be present at the server, take root control, know where to be in random access memory at the exact millisecond your encrypted data is there prior to instant deletion, makes all of this basically unhackable. AI indicated the probability of someone being able to collect your banking login name and password when you submit it to Plaid is approximately one in one trillion. In other words, it’s impossible. No hack has ever occurred in such a multi-secured system . . . ever. Hacking RAM is unheard of and for all purposes impossible.

Still, if you prefer not to use Plaid at all, manual ACH verification is available and equally secure — it just takes a little longer to complete.

Final Reassurance

At BooksOnline.Club, your privacy and security are our highest priorities. Whether you choose Plaid instant verification or manual ACH verification, your banking information is encrypted, protected, and handled using the highest security standards in the payments industry.

  • Your online banking password is never shared with Stripe.

  • Your credentials are never stored by Plaid in a readable form.

  • BooksOnline.Club never has access to your login credentials at any point.

No matter which method you choose, your payouts are safe, secure, and always under your control.

It’s not Plaid or Stripe you should worry about. The real threat to your personal and private information is malware on your computer or iPhone, or phishing attacks on you through your email or texting. Those are the real threats to your personal and financial security.

Chuck Marunde

Leave A Comment

Looking for a Great Book to Read? Here it is . . .

What's it like growing up off the grid in remote Alaska? I did, so I wrote a book about it. I grew up in a 900 sq.ft. cabin with no electricity, only a homemade barrel stove for heat, no running water, and an outhouse. There were 2 tiny bedrooms, one for mom and dad, and the other for me and my 2 sisters and brother. We had to hunt and fish to feed the family, and cut 10 cords of wood to get through the long winters. There were tragedies and miracles, and some hilarious true stories. Buy the eBook or the Audiobook.

Preview & Buy