Capital One and DirectConnect - any advice appreciated
David Reiser
dbreiser at icloud.com
Sun Jan 3 20:58:43 EST 2016
> On Jan 3, 2016, at 7:38 AM, Steve <butterandsalt at gmail.com> wrote:
>
> To revive an old thread...
>
> I haven't tried calling Capital One yet, but was curious if anyone solved
> the mystery of what to put in the ClientUID field in order to be able to
> successfully download Cap1 credit card transactions?
>
> Thanks. Steve
>
In the Intuit realm, the ClientUID is generated by Quicken for each data file when it is created. That ClientUID remains in the data file, so there are no changes across Quicken upgrades. Given that Quicken generates the numbers, it seems unlikely to me that Capital One will have any idea what you’re talking about if you ask them what to ‘put in’ that field.
The Intuit ClientUID is a 32-character ASCII representation of a hex number. Find any UUID generator you trust, take its output and strip the hyphens that are usually added to most UUIDs, optionally make any alphabetic characters lower case (case shouldn’t matter, but I’ve read one report that it might), and paste that result into the ClientUID in the User Settings of the AqBanking setup Edit User dialog.
You’ll also need to change the Header Version data field in the Application Settings tab of the same Edit User dialog to 103 instead of 102.
With a value in ClientUID and the right header version, aqbanking sends the ClientUID in a way that is compatible with current Intuit QFX servers. If Capital One isn’t using Intuit server software, you might have additional issues.
All this hassle only covers half the problem though. For ClientUID to do any good as a security precaution, the bank needs some way to authenticate the connection between you and that ClientUID. Chase recently switched to requiring a ClientUID, and they are using an out-of-band secure message linked to a screen where customers can click a button to say “Yeah, that’s me”. You might be able to get Capital One to tell you how you authenticate a new data file in Quicken. But I recommend finding a friend that uses Capital One and Quicken, and ask them what happened the first time they connected.
I think the reason Chase just changed to requiring the extra security (aside from the fact that the banking oversight authorities have been insisting on multifactor authentication for several years…) is that with Intuit’s standard sunsetting of DirectConnect capability in older Quicken versions, banks now know authoritatively that any customer who can use DirectConnect has a version of Quicken that can handle ClientUIDs.
If you’ve never connected to Capital One, you might be in for a challenge. There are several instances of Capital One in the AqBanking setup wizard. Choosing the right one will probably require trial-and-error identification of the right server. Good luck.
--
Dave Reiser
dbreiser at icloud.com
More information about the gnucash-user
mailing list