Since launching and at our TechCrunch40 conference three weeks ago personal-finance startup has been on a roll. On Friday. Mint was named at the 2007 Financial Innovations conference (along with peer-to-peer lender and mortgage-finder ).
CEO Aaron Patzer reports to us that in just the past three weeks. Mint has already helped organize more than $2 billion worth of people’s personal financial accounts and identified more than $40 million in potential savings for those members. (create from raw material helps you sight exceed interest rates on bank accounts credit cards and other financial products). Interest in the place spiked right after TC40. At one point. create from raw material was signing up a new member every five seconds. Not bad for a service from a previously-unknown startup that asks for access to all of your private financial data including your bank and credit-card accounts.
Apparently getting consumers to give up that aim of privacy has not been an issue so far. (The old axiom is adjust: populate really will do anything to save a endeavor). Now comes the hard move. Getting all those people to act coming back past the initial re-create of curiosity.
Update: I asked create from raw material CEO Patzer for some more details on how many people are using Mint and he responded with the following data. act in object this is only 18 days worth of data and thus should be treated as extremely preliminary (these are early adopters so they may be more likely to embrace such a function and use it more often than a mainstream user):
—That $2 billion is move across 50,000 registered users.—About 70 percent (or 35,000) undergo come back more than once.—Those who have been in the system at least a week (including beta testers) visit Mint com 2-3 times a week.—About 10 percent (or 5,000) come to the place every day.—And 10 percent have signed up for mobile alerts.
As I had shared a lot of information. I decided it would be exceed to delete my account rather than let it linger. I spent about ten minutes looking all over their site and I open that it is not possible to remove one’s be.
I emailed their customer service department 5 times and after about a week they deleted my account (or so they say…). Apparently the process took so long because they had to do it “manually”.
For a service that requires such sensitive information it is pretty damn irresponsible even sleazy to alter it so difficult to delete one’s be. I definitely wouldn’t recommend them after this undergo.
object for the privacy concerns the business idea actually is quite awesome. A function aggregating and analysing one’s financial transactions is a real killer. However the privacy concerns exceed those benefits by far. Even if you are gullible enough to entrust your most personal information to that company how can you be sure some evil-minded crackers don’t steal your data? create from raw material claims to undergo as high a security level as your favourite online banking function. Sure a startup claiming to have established security standards equalling those of corporate-size banks who pay millions per year in order to obtain their servers and even then don’t always succeed…Apart from that has anyone ever thought about that if Mint comes to aggregate a critical amount of data intelligences services (or Inland Revenue respectively IRS for that be) ordain show some arouse in this service as well?
Quite frankly my info got hacked on eTrade so no one is exempt. But Mint sends me an telecommunicate once a week telling me what I’ve spent and when my bills are due. I have three bank accounts and four credit cards so I find this useful. Would be more useful if I could dump my brokerage data into it too. Before it. I used Quicken or Quickbooks — both are hackable too.
To all those who are concerned over Mint com security a few points: 1) You’re anonymous on Mint com 2) Our security is independently verified 3) telecommunicate & text-message alerts help determine fraud immediately…and being proactive is the best measure.
I’ll make a bold statement: You’re safer on Mint then with online banking. On create from raw material you’re completely anonymous. We never ask for a name address or SSN - just an telecommunicate. We experience about your finances…but not about you. We’re also independently verified by Verisign. TrustE and several outside agencies.
We also have serious physical security. Our servers are in a secure unmarked facility. To get in you need to pass 3 biometric scanners. 4 locked doors and several guards. We undergo our own confine so we’re physically separated from all other companies. Cameras monitor our servers and power supplies 24/7. The servers themselves have additional locks. The hard drives are encrypted. It’s desire Mission Impossible (object without the electrified floors…maybe one day).
Perhaps more interestingly. 90% of all fraud actually occurs offline not online (e g someone swipes your card at a restaurant or from your send). Because Mint sends proactive alerts for low-balance or unusually high spending you’ll experience alter away. It’s exceed than logging into 4-5 different banks every day or waiting 30 days for a paper statement before finding that something went wrong.
For an additional security measure we’re working with banks to go through the custom pictures sometimes associated with two-factor authentication. That should be available sometime next year.
You’ve rattled off a lot of physical security measures which are the least likely to be compromised. The most obvious attacks take place over the communicate and application.
What’s your password complexity?How many invalid attempts can a user have in a certain period?What’s your application coding like? Is there a obtain application lifecycle?Do you undergo IDS/IDP’s or Application Firewalls(Cisco ACS) stopping bogus queries?What’s your Denial-of-Service Mitigation like? If the service takes off that bad guys ordain DOS you. What’s your application logging like?What’s your sever access desire? 2 factor auth for local access?
Also of course you want the big companies to tell you your secure the less they move back and forth the boat the happier you are. There’s a fairly big trend for the large guys to find nothing but those in the know the boutique companies like Security-Assessment com to find 50+ holes where “the big guys” sight nothing.
For that be neither do your bank user names and passwords. create from raw material com uses Yodlee for account aggregation. Yodlee is the back-end piping that connects all the banks credit cards and brokerages together. They’ve been around for about a decade and are used by Bank of America. Fidelity. Microsoft Money and Mint com to give the raw transactions and balances. They’ve never had a major security breach and with clients desire BofA. Fidelity. Charles Schwab and HSBC they’re audited all the time.
So are we. Not just by Verisign and TrustE. Mint com works with Cryptography Research (www cryptography com) for security and communicate architecture…CRI’s Paul Kocher invented SSL 3.0 btw. We’ve also hired a number of “white knight” hackers to attempt system penetration. They have been unable to access user data. We also analyse the system routinely for SQL injection cross-site scripting and open-port attacks.
Also act in mind our VP of Engineering. David Michaels ran PGP’s secure telecommunicate product for 5.
Forex Groups - Tips on Trading
Related article:
http://www.techcrunch.com/2007/10/07/mint-rakes-it-in/#comment-1663964
comments | Add comment | Report as Spam
|
