Thoughts on mint.com

Discussion in 'Mac Apps and Mac App Store' started by dukebound85, Dec 2, 2009.

  1. dukebound85 macrumors P6

    dukebound85

    Joined:
    Jul 17, 2005
    Location:
    5045 feet above sea level
    #1
    Sounds cool but I can't help but be uber wary

    Is it better to avoid this? I hate entering bank info to a website but I hear it has good reviews

    Are my concerns warranted? or are they unfounded? Any one have experience with this?
     
  2. MrBrekke macrumors 6502

    MrBrekke

    Joined:
    Oct 1, 2009
    Location:
    Norway
    #2
    seams legit but i would never give a site like that my cc info and bank info..
     
  3. robanga macrumors 68000

    robanga

    Joined:
    Aug 25, 2007
    Location:
    Oregon
    #3
    I've heard a lot of good things as well. Now that they are owned by Intuit, you'd also figure that the experience would be more secure being run by a larger publicly held company.
     
  4. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #4
    Intersting idea but there's no way I'd give that company (or any company) my bank info.
     
  5. rKunda macrumors 65816

    rKunda

    Joined:
    Jul 14, 2008
    #5
    I've been using it. Like it a lot.

    Great review, eh?
     
  6. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #6
    It asks for way too much information for way too little gain. Personally I think people who use it are insane; the entire site is an identity theft bonanza waiting to happen.
     
  7. old-wiz macrumors G3

    Joined:
    Mar 26, 2008
    Location:
    West Suburban Boston Ma
    #7
    they have the usual Verisign, TrustE, etc, but these are not all that trustworthy in my opinion. They haven't been around long, and their track record at security is not proven.
     
  8. angelwatt Moderator emeritus

    angelwatt

    Joined:
    Aug 16, 2005
    Location:
    USA
    #8
    They've been around for 2 years now and I haven't read about any security issues so their track record is actually pretty good. They seem to have all of the same security in place that bank web sites do and a lot of people use those. I don't have an account at Mint as I don't see a personal use for it, but I do see it as secure and trustworthy as a banking web site.

    Here's one article on this topic in general.
     
  9. sl1200mk2 macrumors 6502

    Joined:
    Oct 17, 2006
    #9
    I've been using Mint since practically day #1 and love it. It's a fantastic site. My budgeting and financial needs are fairly simple and it works perfectly for my situation.

    An FYI, Verisign has been around forever in internet terms. They are one of the most highly regarded (albeit overpriced) SSL vendors and also control the root DNS servers for the entire internet. If you browse the web your using Versign servers.

    As far as giving Mint financial information, you all are living under a rock and in denial if you think giving them information is any worse then ever making a single purchase online. It's far more secure than your typical ecommerce site. I know a thing or two about this as I've worked in the hosting industry for over 8 years. I can't tell you (in obvious violation of PCI compliance) how many times I've seen full name, credit card, CVV, expiration and address information sitting in a database or file, plain text, unencrypted / hashed.

    I'm far more uncomfortable giving my credit card to a teenager in a restaurant who disappears in back somewhere for a few minutes with opportunity to do god knows what than I ever would be with Mint. In fact, the two times in 20 years I've ever had any "mystery" charges on my accounts where in a few days of having been dining out.

    The routine (daily) inspection and scrutiny that Mint and major financial institutions undergo is about as safe as it gets online.
     
  10. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #10
    Actually that's not correct.

    Giving your card to a teenager who disappears with it to charge something to it is no different than making a purchase on line if there's ever a problem, because you are not liable for any charges you didn't make to your card if it's ever appropriated by an unauthorized third party. In fact, this is what makes the entire credit card system work- the onus falls on the credit provider to prove that you made charges to your card.

    If a hacker somehow gets into Mint's system or access your information via social engineering, guessing a weak password, or otherwise stealing your identity and winds up transferring money out of your bank account by otherwise legitimate means to a Swiss bank account, you are 100% screwed.
     
  11. sl1200mk2 macrumors 6502

    Joined:
    Oct 17, 2006
    #11
    I'll take my chances. ;)
     
  12. robanga macrumors 68000

    robanga

    Joined:
    Aug 25, 2007
    Location:
    Oregon
    #12
    When comparing the risk to other commerce and banking sites, you have to consider that very few of those have all of the information on you. Mint as I understand it, requires a bit more info on multiple accounts etc.

    Still I agree with the others that say they use the best security they can. I believe I am going to start using it.
     
  13. Ashka macrumors 6502a

    Ashka

    Joined:
    Aug 9, 2008
    Location:
    New Zealand
    #13
    No, No & No.

    After all that has happened with all the World wide financial skulduggery that Banks and related businesses have been getting up to over the last who knows how many years and you are thinking seriously about giving some online company that is only two years old all your banking details....

    Trust is something that is earnt not given away to some tinpot outfit to save an hour or so a month.
     
  14. sl1200mk2 macrumors 6502

    Joined:
    Oct 17, 2006
    #14
    It's pretty obviously everyone is highly confused about what information you're actually giving Mint, because you haven't actually used the service. Everyone is under the impression that you must be filling out forms with every bit of personally identifiable information about you and possibly DNA samples. That just isn't the case.

    Here's what Mint does not have:

    1. Your name
    2. Your address
    3. Anything that actually would identify who you really are other than a random username and password
    4. Any of your actual full account numbers to any financial institution (unless yours is stupid enough to use your account number as a login).

    Here's what Mint does have:

    1. Usernames and passwords used to access your various online banking accounts

    "Yes, but doesn't that sound really really bad?" -- it does, until you think about what it actually means in practice. It's the same as someone being able to log into your online bank account or credit card. What can they actually do from there? For me, that means they know what banks / credit cards I use, can see my balances, see my recent transactions and possibly steal $1,000 via transfer (the maximum online transfer my bank allows) -- which I would promptly get back. Being able to access your account online, in most cases, is pretty limiting, which is intentional, because real fraud does happen.

    What they still don't have:

    1. My name
    2. My address
    3. My full account numbers (because these are never fully displayed by any reputable financial institution online)
    4. Any real identifiable information about me other than my spending habits and account balances
    5. My credit card CVV numbers

    No one is stealing my identity or wiring off my life savings to Switzerland as someone else implied. They have nothing about me that even remotely allows that.

    You don't have to give Mint any information you don't want to. For example, my retirement accounts are not in Mint, nor are my savings accounts. No reason to be. I only have my daily checking account and a couple credit cards to track spending habits and balances in a central location.

    Maybe I'm just a bit too trusting in this case, but I really don't see what the super paranoid concern is once you review what's really at stake. And I'm generally highly skeptical and non-trusting, especially online where practically everything is a scam. I'm not saying you don't have to be sensible and blindly throw some outfit everything about you. That'd be insanity, but really, Mint has less information and is far harder to crack than someone cracking and packet sniffing my wireless network which the majority of you use wireless as well. There's a lot more online and in my daily life to worry about other than Mint.
     
  15. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #15
    Who cares about your name if I've already got your bank info?

    See above. And for #4, once you're into your online banking system that's simple enough to find out.

    "Promptly" ? You'd have to go through a lot of bureaucracy and have an annoying time of it, unless you have a good bank like USAA. A thief logging into your bank account looks exactly the same as you logging into your account, so you *are* responsible for proving your innocence.

    Again, 1-4 don't matter. 5 is unimportant because with credit cards you're not liable.

    ...They have your account numbers and access to a means of transfer. It's not your entire life savings, but it's enough that you are going to be pissed about it.

    Yes, but most people aren't careful.

    I don't know why people fixate on the difficulty of cracking AES, RSA, SSL, or whatever other encryption algorithm X company uses to secure their data. That's simply not how data gets stolen. It's almost totally irrelevant against systems competent enough to implement a good algorithm. If you pick a strong password for Mint, you're fine. The problem is most people don't, and those are the people that are going to have a very stressful experience dealing with their bank.
     
  16. sl1200mk2 macrumors 6502

    Joined:
    Oct 17, 2006
    #16
    I wrote this whole huge long post, then came back and deleted it. I realized that I just don't care. Do what you like folks. Just do it with strong passwords. :)
     

Share This Page