[GNC] Using Quicken direct connect with USAA

Jon Schewe jpschewe at mtu.net
Mon May 25 11:59:12 EDT 2020 

Alan,

Thanks for the suggestion. I tried not setting any special settings and
make sure the SSL v3 is unchecked. Still no change.

As far as security goes, this method for getting my transactions
appears less secure than using Web Connect. When I login to get to the
Web Connect download I need to enter a one time password from my phone,
but for Direct Connect I only need my PIN.

Jon

On Mon, 2020-05-25 at 11:48 -0400, Alan wrote:
> Jon,
> 
> Disable SSL v3. Info at wiki.gnucash.org is wrong. It's not secure, and no
> reputable financial institution should be supporting it for financial
> transactions.
> 
> As of this moment, USAA is only supporting TLS 1.2 and 1.3, which are secure.
> Suggest not setting any of the "special settings" options, and never enable SSL
> v2 or v3 for any program, except for testing with non-sensitive data.
> 
> -----Original Message-----
> From: gnucash-user
> [mailto:gnucash-user-bounces+alangnuc=bigtowers.net at gnucash.org] On Behalf Of
> Jon Schewe
> Sent: Monday, May 25, 2020 10:36 AM
> To: gnucash-user <gnucash-user at gnucash.org>
> Subject: [GNC] Using Quicken direct connect with USAA
> 
> I have been using the Web Connect with USAA for years and that's worked great.
> However now I see that they are discontinuing support for this feature. So I'm
> trying to setup Direct Connect. I found the instructions for setting up USAA at
> https://wiki.gnucash.org/wiki/OFX_Direct_Connect_Bank_Settings#USAA,
> however I'm not seeing the "Server Capabilities" tab to select the account list
> download options.
> 
> I'm using GnuCash 3.10 from flatpak.
> I'm on Linux.
> 
> I have the following Settings:
> "User Settings"
> User Name, User id and Client UID all set to my USAA number. I have tried both
> with the 00 prefix and without.
> 
> "Bank Settings"
> Broker ID: 5874
> FID: 24591
> ORG: USAA
> Server URL: https://service2.usaa.com/ofx/OFXServlet
> 
> "Application Settings"
> I've tried the default application settings and the settings that should be for
> Quicken 2017:
> Application ID: QWIN
> Application Version: 2600
> Header Version: 102
> 
> Under "Special Settings" I've tried HTTP Version blank, 1.0 and 1.1.
> I've checked "Force SSLv3".
> 
> When I go back to the "Bank Settings" tab I see the following after clicking on
> "Retrieve Account List".
> 
> 09:26:37 Sending request...
> 09:26:37 Using GnuTLS default ciphers.
> 09:26:37 TLS: SSL-Ciphers negotiated: TLS1.3:ECDHE-RSA-AES-256-GCM:AEAD
> 09:26:37 Waiting for response...
> 09:26:37 Operation finished, you can now close this window.
> 
> The AqBanking Setup never lets me get to the point of associating USAA accounts
> with GnuCash accounts. Can someone give me some pointers on what is wrong here?
> 
> Thank you,
> Jon
> 
>

More information about the gnucash-user mailing list