> But until we have a better system of plainly showing access levels to one's account its a scammer paradise to allow access via said API.

Nobody says such API would be connected to a person's life holdings. It could be low amounts that are safe to lose in case of a hack.

Of course, you need to educate people to not put all their life savings into those accounts. But the same applies to multiple other services.