Mint has just released a free native application for the iPhone and iPod touch that allows you to browse your Mint account (including account balances, transactions, budgets, etc.) quickly and natively. Nice.
I tried Mint.com. Their approach to security is to say they don’t have your information, another site has your information. That site is Yodlee.com. Its kind of like saying your house is secure because the neighbors have the key.
They actually locked out one of my financial accounts (after it was working fine with them for weeks). This was unacceptable. Certainly if they are unable to access my accounts on a regular basis without locking them out, then they are highly unlikely to maintain decent security over the long run. I really can’t deal with a DOS attack on my online financial accounts, so I deleted my Mint.com account.
I’ve been using Mint for a couple of years now and haven’t had many problems except occasionally one or another account will take a few hours longer to sync than another. Obviously, if Yodlee was locking out one of your accounts, that’s not good at all.
I read through their security policy quite thoroughly before signing up with them in the first place and definitely understand the risks involved. I check my accounts frequently enough and keep my ears open for word of security breaches at my banks, Yodlee, and Mint so that I’m ready to call banks if anything seems suspicious.
It’s true that Mint saying that Yodlee is the only service that has your passwords and that account info pulled from a read-only connection with Yodlee is quite a cop out. All the information that someone proficient at social engineering and with a little bit of cash to invest needs is (1) your name, (2) the name of the banks where your accounts are held, and (3) dates & amounts of recent transactions. All of the above are accessible if one were to break into your Mint, Yodlee, Geezeo, Quicken Online, Wasabi, etc., account. The only other info that would make a fraudster’s life easier is your Social Security Number, which can be found for a reasonable fee.
Of course, anyone could jimmy the lock on your home and steal mail out of your mailbox to the same effect with no more or less ease, as long as you’re being very caution when accessing online accounts.
So yes, there are major security concerns. However, they probably balance out reasonably with the benefits of better managing my money and knowing what’s up with all my accounts on daily basis (esp. if something suspicious shows up). It does for me, anyway.
I tried Mint.com. Their approach to security is to say they don’t have your information, another site has your information. That site is Yodlee.com. Its kind of like saying your house is secure because the neighbors have the key.
They actually locked out one of my financial accounts (after it was working fine with them for weeks). This was unacceptable. Certainly if they are unable to access my accounts on a regular basis without locking them out, then they are highly unlikely to maintain decent security over the long run. I really can’t deal with a DOS attack on my online financial accounts, so I deleted my Mint.com account.
I recommend to avoid them.
I’ve been using Mint for a couple of years now and haven’t had many problems except occasionally one or another account will take a few hours longer to sync than another. Obviously, if Yodlee was locking out one of your accounts, that’s not good at all.
I read through their security policy quite thoroughly before signing up with them in the first place and definitely understand the risks involved. I check my accounts frequently enough and keep my ears open for word of security breaches at my banks, Yodlee, and Mint so that I’m ready to call banks if anything seems suspicious.
It’s true that Mint saying that Yodlee is the only service that has your passwords and that account info pulled from a read-only connection with Yodlee is quite a cop out. All the information that someone proficient at social engineering and with a little bit of cash to invest needs is (1) your name, (2) the name of the banks where your accounts are held, and (3) dates & amounts of recent transactions. All of the above are accessible if one were to break into your Mint, Yodlee, Geezeo, Quicken Online, Wasabi, etc., account. The only other info that would make a fraudster’s life easier is your Social Security Number, which can be found for a reasonable fee.
Of course, anyone could jimmy the lock on your home and steal mail out of your mailbox to the same effect with no more or less ease, as long as you’re being very caution when accessing online accounts.
So yes, there are major security concerns. However, they probably balance out reasonably with the benefits of better managing my money and knowing what’s up with all my accounts on daily basis (esp. if something suspicious shows up). It does for me, anyway.