If You Use Mint, You Could Lose a Mint

share:

"We're having issues right now." Yeah, me too. I'm trying to set up my financial accounts on Mint.com so I can test drive its new Mint app and it hasn't been easy so far. I managed to set up my bank and a PayPal accounts in about 10 minutes, but it's another story with my credit card. Mint.com has been having "issues" with that one account for about 48 hours and counting.

Mint's new iPhone app gives you a view of your online financial picture at Mint.com. It would be a time saver if I could access all my accounts all from one place at one time, and that is what Mint.com is all about, at least if it worked.

I was able to set up the same credit card account with another developer's iPhone app in under 45 seconds during the same time I was attempting to set up my Mint.com account so I surmise the problem is not an erroneous login ID or trouble at the credit card company.

I'm leery of keeping any sensitive information on my iPhone because if I lose it, bad things will probably happen. However, what appealed to me about using Mint's new app is I would be able to deactivate access to my account from the company's Web site if the need arises.

That you can't rely on Mint.com is bad enough. Now, here's what I believe is a real deal breaker: Neither the site nor the app follow security best practices and the app exposes your most sensitive information to anyone who can spend 30 seconds with your iPhone if you don't remember to log out of the Mint app or if you receive emails from Mint.com.  Even turning off the iPhone will not do.

Mint.com and its app do not set any requirements or provide guidelines on what might be a hacker-proof password, as is common at many sites that handle less-sensitive information. Not everyone is savvy enough to understand the vulnerabilities that ensue from not using proper passwords.

Although you can't move money using Mint.com or its app, knowing which accounts a person has and how much money is in them, is useful to a bad guy on a number of levels that space unfortunately does not allow me to go into here. I will say that if I was your unhappy spouse, a close friend or relative, I could figure out how to get access to your accounts and most likely, spend your money.

Laughably, I received this morning a weekly account update via email from Mint.com containing a list of of my accounts, the amounts in them and a list of recent purchases. As any iPhone user knows, accessing email requires a simple tap of a button. This yet another security loophole in the Mint app.

The app seems to work fine, as far as giving you access to your Mint.com financial picture. It looks good and the interface is streamlined. But until MInt.com actually makes your private information secure from prying eyes, I'd advise you not to use either the site or the app.

Crave More Apps? Subscribe to the Newsletter or grab the RSS feed.


  • http://www.alphamantra.com/finance/should-you-use-mintcom-and-why/ Mint Is Safe

    I use Mint.com and I had all the same concerns at first. The thing is, even if someone finds your iphone, all they can see his how much money you have (or more likely owe) They can't make any kind of transactions, get any account numbers, or really do much of anything. They'll just know how broke you are :) Mint on the computer is the same way, and it logs you out every 10 minutes. I don't think the iphone version does that, but that's because it would be a pain in the neck and it shows no compromising information.

  • Monica

    I am concerned about my privacy and my Bank doesn't recommand to use Mint.

  • http://twitter.com/mpheadley Matt

    I had very few problems with setting up my mint account. Figuring out what the security questions were for some of my accounts was a little tricky but not impossible. I was successful in getting all of my several checking and savings, credit card, and school loan accounts up on mint. The iphone app is also very simple and useful, and I highly recommend it to anyone trying to keep a close watch on their budgeting. If you have concerns about someone using your iphone, set up a security passcode lock on the thing! I'm sure there are very few of us that don't have sensitive personal/financial information on our phones these days.

  • Shaun

    Mint has an options page where you can simply turn off all the alerts. If you are using the app why do you need an email coming to you as well? Plus take solace in the small amount of non waste you are saving :D
    Also, in this day and age, got a little security conscious myself, instead of blaming everybody else for my own ignorance. What happened to learning and being aware of how to take care of myself :-)
    Having researched the above, looking through the options, and thinking about how I want to use something I am now as happy with with the use of the Mint App on my iPhones as I am with the iPhones themselves.