For every connection made directly to the bank, there’s a chance of receiving a MFA challenge.
Each time an end-user answers correctly a MFA, its answer is stored in case the same challenge is prompted again in a later connection. We’re then able to automatically answer the MFA without having to prompt it back, and each new stored answer for a specific account reduces the chances of having another MFA.
Besides this technique, we have several others in place to avoid having a security question prompted in order to improve the user experience, but since we don’t control the security algorithms from the banks, we can’t guarantee 100% of the requests will go through without a MFA flow.
The only case where you are guaranteed of not having a MFA is when you make a cached call to retrieve already saved data directly from Flinks with "MostRecentCached":true. You can also follow the WithMfaQuestions process to get all your mfa saved in the database.