Comparison

BankBridge vs building your own bank MCP server

You can build your own. You'll need a bank aggregator account, OAuth 2.1 + PKCE + Dynamic Client Registration, AES-256-GCM encryption for access tokens, a live-fetch pipeline with per-bank error classification and exponential backoff, reconnection flows, Stripe quantity billing, a cancellation pipeline that doesn't leave orphaned items bleeding API fees, and a host-compatibility matrix for 29 different MCP clients. BankBridge does all of that for $5/mo per bank.

The build-it-yourself pitch

“It’s just MCP on top of a bank aggregator API, how hard could it be?” is the right instinct. The answer is: not conceptually hard, but there are 8 production-grade pieces you have to get right before your agent can reliably answer “how much did I spend on food this month?” without lying, crashing, or leaking someone else’s data. Here’s each one.

What the real work looks like

Walk through what BankBridge actually does on every agent query — this is the list of things you’d implement in a do-it-yourself version.

Auth: bearer + OAuth + PKCE + DCR

For a solo personal setup, a static bearer token is enough. For a consumer app where each end-user connects their own bank, you need OAuth 2.1 with Dynamic Client Registration (RFC 7591) and PKCE. That means: a registration endpoint, an authorization endpoint, a token endpoint, token rotation, refresh-token handling, and discovery metadata at the two /.well-known/ paths the MCP spec expects. Oh, and the agent clients (Claude.ai, Perplexity, VS Code Copilot) each have slightly different quirks around which grant types they’ll accept.
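The PKCE half of that stack is small enough to show end to end. The block below is an added example, not BankBridge code and not tied to any of its endpoints: it generates a verifier and S256 challenge the way RFC 7636 specifies, and implements the check a token endpoint performs when the authorization code is exchanged. The `plain` method is refused because OAuth 2.1 drops it, and the comparison is constant-time. Registration, the discovery documents and refresh rotation are not modelled here.

```python
"""PKCE (RFC 7636) verifier/challenge generation plus the server-side check
at the token endpoint. Constructed example; not BankBridge's code."""
import base64
import hashlib
import hmac
import re
import secrets

# RFC 7636 section 4.1: 43..128 characters from the unreserved set.
_VERIFIER_RE = re.compile(r"^[A-Za-z0-9\-._~]{43,128}$")


def _b64url(data: bytes) -> str:
    """Base64url without '=' padding, as the RFC requires."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def make_verifier() -> str:
    """32 random bytes -> 43-char base64url string, inside the 43..128 bound."""
    return _b64url(secrets.token_bytes(32))


def challenge_for(verifier: str) -> str:
    """S256 challenge: base64url(SHA-256(ascii(verifier)))."""
    if not _VERIFIER_RE.match(verifier):
        raise ValueError("verifier violates RFC 7636 length/charset")
    return _b64url(hashlib.sha256(verifier.encode("ascii")).digest())


def verify_pkce(stored_challenge: str, stored_method: str, presented_verifier: str) -> bool:
    """Token-endpoint check: recompute the challenge from the presented verifier
    and compare it to the one stored with the authorization code.

    OAuth 2.1 removes the 'plain' method, so only S256 is accepted; the
    comparison is constant-time so a mismatch does not leak through timing."""
    if stored_method != "S256":
        return False
    if not _VERIFIER_RE.match(presented_verifier):
        return False
    expected = challenge_for(presented_verifier)
    return hmac.compare_digest(expected, stored_challenge)


if __name__ == "__main__":
    v = make_verifier()
    c = challenge_for(v)
    print("verifier :", v)
    print("challenge:", c)
    print("exchange accepted     :", verify_pkce(c, "S256", v))
    print("wrong verifier rejected:", not verify_pkce(c, "S256", make_verifier()))
    print("plain method rejected  :", not verify_pkce(v, "plain", v))
```

The client keeps the verifier in memory only and sends the challenge on the authorization request; the server stores the challenge and method alongside the issued code and runs `verify_pkce` once, then discards the code so a replayed exchange fails regardless of the verifier.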

Live-fetch + error classification

A naive implementation caches bank data to make tool calls fast. That’s a privacy + accuracy disaster waiting to happen — stale balances, stale transaction lists, unnecessary PII on your servers. The right pattern is to live-fetch every query.

Live-fetch means every call has to classify upstream errors into at least four buckets:

  • Reauth required — bank needs re-login (usually quarterly). Non-fatal; other connections still return data. Return a structured warning with a reauth URL.
  • Mark dead — connection is permanently broken. Flag for the nightly reconciliation cron; return clean results from the other banks.
  • Retry — transient upstream failure. Exponential backoff (we do 3 tries, 200ms → 600ms → 1800ms) before surfacing the error.
  • Skip silent — per-call timeout for one of N banks. Pool into the warnings array, don’t surface as an error.

Plus a timeout ceiling (we use 15s at the HTTP client + 7s per-tool) so a hung bank can’t wedge an agent tool call.
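Here is what that classification, backoff and deadline logic looks like when fanned out over N connections. This is an added example, not BankBridge's code: the `UpstreamError` class, the error-code strings and the scripted fetch callables are hypothetical stand-ins for whatever the aggregator SDK actually raises, the reauth URL is a placeholder, and the "3 tries, 200ms → 600ms → 1800ms" schedule is read as three retries after the first call, each preceded by the listed wait. A wait that would push past the per-tool deadline is not taken; the error is surfaced instead, which is how the 7s ceiling stays a ceiling even with backoff in the loop.

```python
"""Live-fetch fan-out with four-bucket error classification, bounded backoff
and a per-tool deadline. Constructed example; codes and exceptions are
hypothetical stand-ins for an aggregator SDK, not BankBridge's code."""
import time
from dataclasses import dataclass, field
from typing import Any, Callable


class UpstreamError(Exception):
    """Assumed aggregator error carrying a code string and the bank it came from."""

    def __init__(self, code: str, bank: str):
        super().__init__(f"{bank}: {code}")
        self.code, self.bank = code, bank


# Hypothetical code -> bucket mapping; a real SDK has its own enum.
REAUTH_CODES = {"ITEM_LOGIN_REQUIRED"}                 # user must log in again
DEAD_CODES = {"ITEM_NOT_FOUND", "ACCESS_NOT_GRANTED"}  # connection is gone for good
RETRY_CODES = {"RATE_LIMITED", "UPSTREAM_5XX"}         # transient
TIMEOUT_CODES = {"TIMEOUT"}                            # one slow bank out of N

BACKOFF_MS = (200, 600, 1800)  # wait before retry 1, 2, 3 (assumed reading of "3 tries")
TOOL_DEADLINE_S = 7.0          # per-tool ceiling quoted in the text


def classify(err: UpstreamError) -> str:
    """Map an upstream failure to one of: reauth, dead, retry, skip."""
    if err.code in REAUTH_CODES:
        return "reauth"
    if err.code in DEAD_CODES:
        return "dead"
    if err.code in TIMEOUT_CODES:
        return "skip"
    if err.code in RETRY_CODES:
        return "retry"
    # Unknown codes: retry, then surface as an error. Never silently mark a
    # connection dead on a code we have not seen before.
    return "retry"


def fetch_with_backoff(fetch: Callable[[], Any], deadline: float,
                       clock=time.monotonic, sleep=time.sleep) -> Any:
    """Call fetch(); on a transient error wait 200/600/1800 ms before each retry.
    Non-retryable errors propagate at once; a wait that would overrun the tool
    deadline is skipped and the last error is raised instead."""
    for attempt in range(len(BACKOFF_MS) + 1):
        try:
            return fetch()
        except UpstreamError as err:
            if classify(err) != "retry" or attempt == len(BACKOFF_MS):
                raise
            delay = BACKOFF_MS[attempt] / 1000
            if clock() + delay > deadline:
                raise
            sleep(delay)


@dataclass
class ToolResult:
    data: dict = field(default_factory=dict)       # bank -> fetched payload
    warnings: list = field(default_factory=list)   # structured, non-fatal
    mark_dead: list = field(default_factory=list)  # for the nightly reconciliation cron
    errors: list = field(default_factory=list)     # only after retries are exhausted


def live_fetch(banks: dict, reauth_url: Callable[[str], str],
               deadline_s: float = TOOL_DEADLINE_S,
               clock=time.monotonic, sleep=time.sleep) -> ToolResult:
    """Query every connected bank on each tool call; nothing is cached."""
    result = ToolResult()
    deadline = clock() + deadline_s
    for bank, fetch in banks.items():
        if clock() >= deadline:
            result.warnings.append({"bank": bank, "kind": "skipped", "detail": "tool deadline reached"})
            continue
        try:
            result.data[bank] = fetch_with_backoff(fetch, deadline, clock, sleep)
        except UpstreamError as err:
            bucket = classify(err)
            if bucket == "reauth":
                result.warnings.append({"bank": bank, "kind": "reauth_required", "reauth_url": reauth_url(bank)})
            elif bucket == "dead":
                result.mark_dead.append(bank)
                result.warnings.append({"bank": bank, "kind": "connection_dead"})
            elif bucket == "skip":
                result.warnings.append({"bank": bank, "kind": "timeout"})
            else:
                result.errors.append(f"{bank}: {err.code}")
    return result


def scripted(responses):
    """Constructed fetch callable that returns or raises the given items in order."""
    it = iter(responses)

    def fetch():
        item = next(it)
        if isinstance(item, Exception):
            raise item
        return item
    return fetch


def sample_banks() -> dict:
    """Constructed fixture: one bank per bucket plus a retry that succeeds."""
    return {
        "bank-a": scripted([{"balance": 1200.55}]),
        "bank-b": scripted([UpstreamError("RATE_LIMITED", "bank-b"), {"balance": 90.0}]),
        "bank-c": scripted([UpstreamError("ITEM_LOGIN_REQUIRED", "bank-c")]),
        "bank-d": scripted([UpstreamError("ITEM_NOT_FOUND", "bank-d")]),
        "bank-e": scripted([UpstreamError("TIMEOUT", "bank-e")]),
    }


if __name__ == "__main__":
    # Placeholder reauth URL; a real server would mint a per-connection link.
    res = live_fetch(sample_banks(), lambda b: f"https://example.invalid/reauth/{b}", sleep=lambda s: None)
    print(res)
```

Two points worth noticing: the `mark_dead` list is separate from `warnings` so the reconciliation cron gets a clean worklist, and the injected `clock`/`sleep` make the backoff and deadline paths testable without real waits.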

Billing + cancellation safety

Each connected bank costs you in aggregator fees, so you need per-bank pricing. Stripe subscription quantity = number of banks, with proration on add (mid-period) and de-proration on remove (end-of-period, so you don’t hit Stripe’s $0.50 minimum charge floor).

The hard part is cancellation leak: when a user cancels, every bank-connection item has to be removed, or you keep getting billed by the upstream aggregator. Our six-layer defense: webhook handler, sync-time guard, MCP-time guard, nightly reconciliation cron, payment-failure retry path, and an audit log of every removal. Any one defense catches most cases; all six together guarantee zero bleed.
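One of those six layers, the nightly reconciliation pass, is easy to show as a pure function. The block below is an added example and not BankBridge's code: the connection and subscription record shapes are assumed, no Stripe or aggregator API is called, and the function only returns the actions an operator or cron would apply (which items to remove, which quantities to correct) together with an audit entry for each. Running it over both directions of drift, live items with no billable subscriber and billable subscribers with no live items, is what turns "the webhook missed one" into a bounded overnight cost rather than an open-ended one.

```python
"""Nightly reconciliation for per-bank billing. Constructed example: finds
aggregator items that should already have been removed and Stripe quantities
that drifted from the live connection count. Record shapes are assumed, not
BankBridge's schema; nothing here calls Stripe or the aggregator."""
from collections import defaultdict
from dataclasses import dataclass, field
from datetime import datetime, timezone


@dataclass(frozen=True)
class Connection:
    user_id: str
    item_id: str   # aggregator-side item that incurs fees for as long as it exists
    active: bool


@dataclass(frozen=True)
class Subscription:
    user_id: str
    status: str    # assumed values: "active", "past_due", "canceled"
    quantity: int  # billed bank count


@dataclass
class Plan:
    remove_items: list = field(default_factory=list)     # item_ids to delete upstream
    quantity_fixes: dict = field(default_factory=dict)   # user_id -> correct quantity
    audit: list = field(default_factory=list)            # one entry per action


# past_due keeps its items: the payment-failure retry path decides their fate.
BILLABLE = {"active", "past_due"}


def reconcile(connections, subscriptions, now=None) -> Plan:
    """Return the removals and quantity corrections needed to make the
    aggregator, the subscription and the live connections agree."""
    now = (now or datetime.now(timezone.utc)).isoformat()
    plan = Plan()
    subs = {s.user_id: s for s in subscriptions}
    live = defaultdict(list)
    for c in connections:
        if c.active:
            live[c.user_id].append(c)

    # Direction 1: live items whose owner has no billable subscription are the
    # cancellation leak; every one of them is still costing aggregator fees.
    for user_id, conns in live.items():
        sub = subs.get(user_id)
        if sub is None or sub.status not in BILLABLE:
            reason = "no subscription" if sub is None else f"subscription {sub.status}"
            for c in conns:
                plan.remove_items.append(c.item_id)
                plan.audit.append({"at": now, "user": user_id, "item": c.item_id,
                                   "action": "remove", "reason": reason})
        elif sub.quantity != len(conns):
            plan.quantity_fixes[user_id] = len(conns)
            plan.audit.append({"at": now, "user": user_id, "action": "set_quantity",
                               "from": sub.quantity, "to": len(conns)})

    # Direction 2: billable subscribers with a quantity but no live items are
    # being charged for banks they no longer have.
    for user_id, sub in subs.items():
        if sub.status in BILLABLE and sub.quantity and user_id not in live:
            plan.quantity_fixes[user_id] = 0
            plan.audit.append({"at": now, "user": user_id, "action": "set_quantity",
                               "from": sub.quantity, "to": 0})
    return plan


def sample_state():
    """Constructed fixture: one clean user and one example of each drift."""
    connections = [
        Connection("alice", "item-a1", True), Connection("alice", "item-a2", True),
        Connection("bob", "item-b1", True),                      # bob cancelled; leak
        Connection("carol", "item-c1", True), Connection("carol", "item-c2", False),
        Connection("dave", "item-d1", True),                     # no subscription at all
    ]
    subscriptions = [
        Subscription("alice", "active", 2),
        Subscription("bob", "canceled", 1),
        Subscription("carol", "active", 2),                      # only one live item
        Subscription("erin", "active", 1),                       # no live items
    ]
    return connections, subscriptions


if __name__ == "__main__":
    plan = reconcile(*sample_state())
    print("remove:", plan.remove_items)
    print("fix quantities:", plan.quantity_fixes)
    for entry in plan.audit:
        print(entry)
```

The function is deliberately side-effect free so the same code can run in dry-run mode and be diffed against what the webhook and guard layers already did; anything it still finds is a measure of how much those layers missed.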

29-host compatibility matrix

Each MCP-speaking host has its own install flow, its own deeplink scheme (Cursor, VS Code, LM Studio, Warp), its own OAuth edge cases (Claude.ai, Perplexity), and its own default timeouts. You need to maintain a doc page per host, pre-fill users’ keys into snippets, and keep the snippets current when hosts bump their config schemas (they do, every few months).

We have 29 host integrations today. Even if you only care about Claude and ChatGPT, that’s seven products between them (Code, Desktop, web, Cowork, ChatGPT, Apps SDK, Enterprise) with seven install flows.

The cost math

Aggregator access itself is $0.30–$0.60/bank-month for Transactions, plus $1–$2/bank-month for Investments. Hosting for a single-user deploy is ~$5/mo. You’d spend an engineering weekend on the MCP server skeleton and another on OAuth. Then every month or two you’d spend a day fixing host compatibility, upgrading the aggregator SDK, or patching a live-fetch edge case.

If you value your engineering time at even $75/hour, break-even against BankBridge’s $5/mo happens somewhere around “one hour of maintenance per month.” You won’t stay under that.

When building it yourself DOES make sense

  • You need a feature BankBridge doesn’t support (money movement, a bank not in our aggregator’s list, custom data classification).
  • You’re building a consumer product that competes with BankBridge and the $5/mo price would be your own margin.
  • You have strict compliance requirements (HIPAA, SOC 2 Type II for a specific client) that require owning the infra end-to-end.
  • You genuinely enjoy maintaining this class of plumbing. Nothing wrong with that.

For everyone else — solo developers, indie founders, personal-finance nerds, small-team ops setups — the math and the time are not in your favor. Pay the $5.

FAQ

Could I just use the raw bank aggregator API?

Sure. You'd still need to write the MCP protocol layer, run your own server, handle OAuth + PKCE + DCR for multi-user apps, encrypt access tokens, classify errors into buckets that the MCP response format expects, and maintain it against 29 evolving host clients. Most people stop around step 4.

Is BankBridge open source?

No. The client integrations (the Claude Code plugin, the .mcpb bundle, the skills repo) are public; the server is closed-source — that's how we sustain development on a $5/mo SKU.

What if BankBridge goes away?

You cancel and remove the encrypted access tokens from our DB. Your bank connections are bank-side; you still have your accounts. We've committed to 12 months' notice if we ever wind down.

Can I self-host BankBridge?

Not currently. We may offer a licensed self-host tier if there's enough demand — email hello@greatwork.company if that'd move you off the fence.