There’s a massive difference between trusting banks (insured, backed by the state, etc) and trusting some random SaaS/web app you saw 10 minutes ago with access to said banks.

Oh it's "random" app, and here this time I figured we were talking about a reputable one that has PCI-DSS compliance like Quicken. My bad.

Sure, if you just trust some random Chrome extension from a random individual developer, you're absolutely setting yourself up for trouble when they hack your shit. But to wholesale dismiss all apps when there are actual legal protections in place that permit these businesses?

At least in the US, you don't have to trust a bank. You just trust the FDIC.

Also, what a glaring false dichotomy.

My point wasn’t necessarily creating a false dichotomy, since I was highlighting the inconsistency in the argument about trusting banks but dismissing reputable third-party apps on the whole. Does this person distrust consumer protections set up to allow for such tools to exist in the first place?

So to make "false dichotomy" stick, you going to need to assert that if Quicken were breached and this lead to my Schwab account being accessed by a bad actor, I actually am shit out of luck. Will you do that?