Is Mint.com Safe? Power of Attorney question

Non-investing personal finance issues including insurance, credit, real estate, taxes, employment and legal issues such as trusts and wills

Is Mint.com Safe? Power of Attorney question

Postby aadwen » Tue Jan 12, 2010 11:21 pm

Is Mint.com safe? It looks like you grant them limited power of attorney by signing up????

By using the Service, you expressly authorize Mint to access your Account Information maintained by identified third parties, on your behalf as your agent. When you use the “Add Accounts” feature of the Service, you will be directly connected to the website for the third party you have identified. Mint will submit information including usernames and passwords that you provide to log you into the site. You hereby authorize and permit Mint to use and store information submitted by you to the Service (such as account passwords and user names) to accomplish the foregoing and to configure the Service so that it is compatible with the third party sites for which you submit your information. For purposes of this Agreement and solely to provide the Account Information to you as part of the Service, you grant Mint a limited power of attorney, and appoint Mint as your attorney-in-fact and agent, to access third party sites, retrieve and use your information with the full power and authority to do and perform each thing necessary in connection with such activities, as you could do in person. YOU ACKNOWLEDGE AND AGREE THAT WHEN MINT IS ACCESSING AND RETRIEVING ACCOUNT INFORMATION FROM THIRD PARTY SITES, MINT IS ACTING AS YOUR AGENT, AND NOT AS THE AGENT OF OR ON BEHALF OF THE THIRD PARTY. You understand and agree that the Service is not sponsored or endorsed by any third parties accessible through the Service.
aadwen
 
Posts: 99
Joined: Sat Dec 05, 2009 1:42 am

Postby TRC » Wed Jan 13, 2010 9:18 am

I used it for about a month canceling my account It was unable to link up a number of my accounts, so it only gave me a partial view of my financial profile. It's free...you get what you pay for.
TRC
 
Posts: 1357
Joined: Sat Dec 20, 2008 6:38 pm

Re: Is Mint.com Safe??? Power of Attorney question.

Postby junior » Wed Jan 13, 2010 10:35 am

aadwen wrote:Is Mint.com safe? It looks like you grant them limited power of attorney by signing up????

By using the Service, you expressly authorize Mint to access your Account Information maintained by identified third parties, on your behalf as your agent. When you use the “Add Accounts” feature of the Service, you will be directly connected to the website for the third party you have identified. Mint will submit information including usernames and passwords that you provide to log you into the site. You hereby authorize and permit Mint to use and store information submitted by you to the Service (such as account passwords and user names) to accomplish the foregoing and to configure the Service so that it is compatible with the third party sites for which you submit your information. For purposes of this Agreement and solely to provide the Account Information to you as part of the Service, you grant Mint a limited power of attorney, and appoint Mint as your attorney-in-fact and agent, to access third party sites, retrieve and use your information with the full power and authority to do and perform each thing necessary in connection with such activities, as you could do in person. YOU ACKNOWLEDGE AND AGREE THAT WHEN MINT IS ACCESSING AND RETRIEVING ACCOUNT INFORMATION FROM THIRD PARTY SITES, MINT IS ACTING AS YOUR AGENT, AND NOT AS THE AGENT OF OR ON BEHALF OF THE THIRD PARTY. You understand and agree that the Service is not sponsored or endorsed by any third parties accessible through the Service.


Don't take this as legal advice, but, its says limited power of attorney, which Nolo.com defines as

"limited power of attorney
A power of attorney that gives the agent power to handle only a specified matter -- for example, to sign papers completing a single business transaction or property transfer. (Compare: general power of attorney)"

So my reading is it means you are granting them permission to log in to your financial web sites and doing what's necessary to download your account information. That seems entirely appropriate. It looks like that the extent of the power you are giving them.
junior
 
Posts: 426
Joined: Wed Sep 10, 2008 7:14 pm

Postby aadwen » Wed Jan 13, 2010 10:36 am

That didn't answer my question....

Seems like the service is excellent. I want to make sure the power of attorney gives them the right to pull my info and nothing else
aadwen
 
Posts: 99
Joined: Sat Dec 05, 2009 1:42 am

Postby junior » Wed Jan 13, 2010 10:37 am

aadwen wrote:That didn't answer my question....

Seems like the service is excellent. I want to make sure the power of attorney gives them the right to pull my info and nothing else


It posted before yours, so see my post above.
junior
 
Posts: 426
Joined: Wed Sep 10, 2008 7:14 pm

Postby Ice-9 » Wed Jan 13, 2010 12:22 pm

TRC wrote:I used it for about a month canceling my account It was unable to link up a number of my accounts, so it only gave me a partial view of my financial profile. It's free...you get what you pay for.


You should try yodlee.com instead. As I understand it, mint.com based their product on yodlee.com but made it more snazzy looking and for some reason offer fewer accounts.

Between various retirement and taxable accounts, banks, credit cards, credit card rewards, and monthly bills I have 40 accounts currently being tracked by Yodlee. Most of them were already tracked by Yodlee when I signed up. The two that weren't, I made a suggestion to add them on their forum and used their manual account tracking feature until they added them about two months later.

Very handy - keeps track of my net worth, spending by category, and even gives me warnings for certain events I set in advance happening on certain accounts (ie a deposit or withdrawal above a certain amount, a balance reaching a certain % of the limit, etc)
User avatar
Ice-9
 
Posts: 884
Joined: Wed Oct 15, 2008 1:40 pm
Location: Rockville, MD

Postby sscritic » Wed Jan 13, 2010 12:35 pm

Ice-9 wrote:
You should try yodlee.com instead. As I understand it, mint.com based their product on yodlee.com but made it more snazzy looking and for some reason offer fewer accounts.

Mint post-Intuit-takeover will no longer be using Yodlee for account aggregation.
Intuit has it’s own back-end account aggregation service that it will use instead of Yodlee.
http://www.techcrunch.com/2009/09/18/mi ... s-youtube/

As someone who is unhappy with Intuit, I don't buy TurboTax and I am looking to get out from under Quicken. If I decide to use an on-line aggregator, I will use yodlee, not mint.
sscritic
 
Posts: 21863
Joined: Thu Sep 06, 2007 9:36 am

Postby Ron » Wed Jan 13, 2010 12:56 pm

sscritic wrote:As someone who is unhappy with Intuit, I don't buy TurboTax and I am looking to get out from under Quicken. If I decide to use an on-line aggregator, I will use yodlee, not mint.

Just a note on Yodlee. It is used "under the coverers" for FIDO's Full View (as input to the Retirement Income Planner - e.g. "RIP") and linked to M* for portfolio/holdings breakdown when using FIDO products.

I use FIDO's services, along with a separate accont on Yodlee (to pick up my non-retirement and CC accounts).

Sorry, I still do use Quicken (as I have over the last 20+ years :lol: )...

- Ron
User avatar
Ron
 
Posts: 5245
Joined: Fri Feb 23, 2007 8:46 pm
Location: CCTV Building - Beijing CBD

Postby downshiftme » Wed Jan 13, 2010 3:28 pm

How can any service that you give your passwords to be safe? Of course it's not safe. I'm sure they have procedures to guard the accounts and they used to make a big deal about the fact that they do not store the passwords (they pass them to another company to store. lol)

Many people use the service and seem to feel the risks are acceptable. I think this is far too much risk for me and I would never give them access to my accounts. YMMV.
downshiftme
 
Posts: 642
Joined: Sun Mar 11, 2007 7:11 pm

Postby Ron » Wed Jan 13, 2010 3:32 pm

downshiftme wrote:I think this is far too much risk for me and I would never give them access to my accounts. YMMV.

Simple; then just don't do it :roll: ...

As for me? I have an auto-email sent to me for any transaction (that is ANY transaction) that affects my accounts over $1.

I also "pull" my accounts on Vanguard, Yodlee, FIDO, etc. on a daily basis. I'm well aware of what is happening in my account (and my wife's) on a daily basis.

If anything, it is more timely than anything that happened in the "old days" of receiving monthly paper statements.

But if you don't "trust" the system? Then fine; do what you must, in your situation (I'm not here to "convert" you in any manner :wink: )...

- Ron
User avatar
Ron
 
Posts: 5245
Joined: Fri Feb 23, 2007 8:46 pm
Location: CCTV Building - Beijing CBD

Postby CaptMidnight » Wed Jan 13, 2010 7:43 pm

downshiftme wrote:How can any service that you give your passwords to be safe? Of course it's not safe. I'm sure they have procedures to guard the accounts and they used to make a big deal about the fact that they do not store the passwords (they pass them to another company to store. lol)

Many people use the service and seem to feel the risks are acceptable. I think this is far too much risk for me and I would never give them access to my accounts. YMMV.


Words of wisdom. It is not possible for any outsider to assess the risk. While probably nothing untoward will ever happen, if it does, you might be ruined. How could a mere convenience benefit be worth that risk?
The history of thought and culture is ... a changing pattern of great liberating ideas that inevitably turn in suffocating straightjackets... | --Isaiah Berlin
CaptMidnight
 
Posts: 757
Joined: Tue May 15, 2007 6:58 am

Postby TRC » Wed Jan 13, 2010 10:41 pm

CaptMidnight wrote:
downshiftme wrote:How can any service that you give your passwords to be safe? Of course it's not safe. I'm sure they have procedures to guard the accounts and they used to make a big deal about the fact that they do not store the passwords (they pass them to another company to store. lol)

Many people use the service and seem to feel the risks are acceptable. I think this is far too much risk for me and I would never give them access to my accounts. YMMV.


Words of wisdom. It is not possible for any outsider to assess the risk. While probably nothing untoward will ever happen, if it does, you might be ruined. How could a mere convenience benefit be worth that risk?


With that logic, you should keep your money buried under your house. Any company is open to being hacked, including your bank, credit card companies, investment accounts, etc. (not just mint).
TRC
 
Posts: 1357
Joined: Sat Dec 20, 2008 6:38 pm

Postby Steelersfan » Wed Jan 13, 2010 11:29 pm

I really like the convenience of accessing cash using my debit card from an ATM, both in the U.S. and when I travel to Europe. Is there a risk? Someone inside the bank or somewhere between the ATM and my bank could steal my account number and password. Sure there's risk, but the convenience way outweighs the risk.

I think that risk is actually greater than giving some information aggregator the right to access my account balance and transaction history.

Disclosure - I worked in technology for a large financial institution who provided both ATM access and information aggregation.
User avatar
Steelersfan
 
Posts: 2467
Joined: Thu Jun 19, 2008 9:47 pm

Postby vgoel » Thu Jan 14, 2010 1:33 am

I used Mint for a number of months and then deleted my account. I did not like Mint employees getting interviewed on TV talking about trends that they were seeing on their site. I run a lot of my life using Google and other cloud based services but I got uncomfortable with Mint.
vgoel
 
Posts: 38
Joined: Mon Aug 31, 2009 5:26 pm
Location: Silicon Valley

Postby mfen » Thu Jan 14, 2010 8:01 am

With that logic, you should keep your money buried under your house. Any company is open to being hacked, including your bank, credit card companies, investment accounts, etc. (not just mint).


Not the same thing. You have legal/fiduciary protections with banks and brokerages. You have government protections and regulations with banks and brokerages. Mint and similar sites are just marketing programs to offer you a service to sell a product, they are not regulated financial institutions. It seems Mint was trying to sell itself, which is a common marketing program for internet websites. They develop a service that drives consumers to their website and when they reach critical mass they market themselves out to the highest bidder, in Mint's case it was Quicken. Fortunately Quicken is a fairly transparent company, but they are just using their aggregator as a marketing tool to sell you software.

If your bank gets hacked you have a substantial probability of getting your money back and you will have the full force of the court systems to help you, not so with some internet aggregator.
Maryanne
mfen
 
Posts: 672
Joined: Sun Jun 21, 2009 6:23 am

milnt.com

Postby Larry Johnson » Thu Jan 14, 2010 4:51 pm

Giving a limited power of attorney to strangers is simply stupid.
Larry Johnson
 
Posts: 183
Joined: Mon Dec 08, 2008 11:30 am
Location: Tulsa, Oklahoma

Postby aadwen » Thu Jan 14, 2010 5:11 pm

What program can I buy that can do all of this safely with no risk?
aadwen
 
Posts: 99
Joined: Sat Dec 05, 2009 1:42 am

Postby greg24 » Thu Jan 14, 2010 5:20 pm

aadwen wrote:What program can I buy that can do all of this safely with no risk?


I was going to say a pen and paper, but someone might come steal that from your house.
User avatar
greg24
 
Posts: 2155
Joined: Tue Feb 20, 2007 11:34 am

Re: milnt.com

Postby Cloud » Fri Jan 15, 2010 5:50 pm

Larry Johnson wrote:Giving a limited power of attorney to strangers is simply stupid.


I'm with you there.... And what ever happened to your bank not being responsible if you give out your password and it's used to harm you... Once you give out your password to a third party all bets are off and you have no recourse to recover any funds. Good luck.
User avatar
Cloud
 
Posts: 605
Joined: Wed Sep 12, 2007 1:43 pm

Postby Lbill » Fri Jan 15, 2010 7:08 pm

Wonder if you are giving limited POA to Quicken also when it accesses your accounts to download transaction data.
"Life can only be understood backward; but it must be lived forward." ~ Søren Kierkegaard | | "You can't connect the dots looking forward; but only by looking backwards." ~ Steve Jobs
User avatar
Lbill
 
Posts: 4997
Joined: Fri Mar 14, 2008 12:25 am
Location: Somewhere between Up and Down

Postby fsrph » Fri Jan 15, 2010 7:28 pm

downshiftme wrote:How can any service that you give your passwords to be safe? Of course it's not safe. I'm sure they have procedures to guard the accounts and they used to make a big deal about the fact that they do not store the passwords (they pass them to another company to store. lol)

Many people use the service and seem to feel the risks are acceptable. I think this is far too much risk for me and I would never give them access to my accounts. YMMV.


I agree with you that it's too risky for a 3rd party to know your user name/password for other accounts. But, if anyone has outside accounts linked to your Vanguard acccount they do ask for your login info for the 3rd party site. This is if you want VG to refresh your balances from the 3rd party account. However, I do not know if the limited power of attorney language is in VG's terms of use.

Francis
fsrph
 
Posts: 555
Joined: Sun Jul 26, 2009 8:54 pm
Location: Pa.

Postby CaptMidnight » Fri Jan 15, 2010 8:51 pm

aadwen wrote:What program can I buy that can do all of this safely with no risk?


The first step you might take is to abandon that black and white, either/or approach, in favor of a recognition of assessing levels of risk against varying benefits. While we all know that it is impossible to reduce risk to zero in most cases that hardly implies that risk reduction is futile.

Providing your passwords to another company that does not have a fiduciary responsibility to you merely for the benefit of reporting your transactions with less effort that using Quicken waves a big red flag in my face. We know that most of the hacking (97% is one number I have seen) attacks institutions nots pc desktops on which you are dutifully running a firewall and virus checker. So, providing a rich target for just such an effort seems foolish to me especially when the benefit is something I can provide myself with a little effort and very little cost.
The history of thought and culture is ... a changing pattern of great liberating ideas that inevitably turn in suffocating straightjackets... | --Isaiah Berlin
CaptMidnight
 
Posts: 757
Joined: Tue May 15, 2007 6:58 am

Postby Steelersfan » Fri Jan 15, 2010 9:56 pm

CaptMidnight wrote:
aadwen wrote:What program can I buy that can do all of this safely with no risk?


The first step you might take is to abandon that black and white, either/or approach, in favor of a recognition of assessing levels of risk against varying benefits. While we all know that it is impossible to reduce risk to zero in most cases that hardly implies that risk reduction is futile.

Providing your passwords to another company that does not have a fiduciary responsibility to you merely for the benefit of reporting your transactions with less effort that using Quicken waves a big red flag in my face. We know that most of the hacking (97% is one number I have seen) attacks institutions nots pc desktops on which you are dutifully running a firewall and virus checker. So, providing a rich target for just such an effort seems foolish to me especially when the benefit is something I can provide myself with a little effort and very little cost.


That's all very true. But how many hacks have been done exploiting userid and passords stored at sites where they've been stored and used to retrieve (in a supposed read only basis) accounts on another site? My knowledge certainly isn't total, but I don't remember hearing of any. Other types of hacks? Many, and serious ones too.
User avatar
Steelersfan
 
Posts: 2467
Joined: Thu Jun 19, 2008 9:47 pm

I use mint.com to track credit card expenses only

Postby gh0st » Fri Jan 15, 2010 10:44 pm

I use mint.com to track my expenses only. Specifically, I have mint tied in to my credit cards, but *not* my checking, savings, or retirement accounts. Since I run most all of my expenses through credit cards the mint analytics are very useful for looking at spending habits. It has completely replaced my old spreadsheet budget.

I figure that in a wost-case scenario I'm pretty safe since credit card companies are usually good about reimbursing fraudulent charges. With cash accounts it's usually not so easy, so I keep them far away from mint.
gh0st
 
Posts: 8
Joined: Sat May 23, 2009 12:09 am

Postby amp » Sat Jan 16, 2010 10:26 am

There are always tradeoffs. I probably have accounts at something like 10-15 financial institutions. Aside from my primary checking account and my brokerage, I just don't log into most of them very often. Consider the risk if some money went missing from one of those accounts, due to theft or bank error or something else. Mint's aggregation provides a safeguard, so I will be aware of any problematic transactions much quicker than if I had to wait until the monthly statement arrived in the mail -- and that assumes that I'd even notice the error on the statement.

I also like that I can have Mint automatically email me if I get charged any bank fees or transaction charges. A $20 or $30 garbage fee is exactly the sort of thing I would miss on a complex statement with many transactions.
User avatar
amp
 
Posts: 129
Joined: Sun May 04, 2008 10:40 am

Yodley is great

Postby Rajsx » Sun Jan 17, 2010 1:58 pm

After hearing about Yodley on this Post (Ice-9), I linked all my accounts (Quite a few) on their Website. This went very smooth, except 1 or 2 accounts which I am still working on.

DW has been using Quicken, which I find difficult to work with. Yodley gives me a very useful, accurate & up to date Summary.

I will keep you posted of any negatives.

Warm Regards
We do not stop laughing because we grow old, we grow old because we stop laughing !!
Rajsx
 
Posts: 199
Joined: Wed Mar 21, 2007 11:07 pm
Location: Florida

Postby Cloud » Sun Jan 17, 2010 10:43 pm

From my bank:

And do not provide your User ID and Password to anyone else! If you do, we will consider any transactions initiated by someone to whom you have given your User ID and Password to have been authorized by you.
User avatar
Cloud
 
Posts: 605
Joined: Wed Sep 12, 2007 1:43 pm

Postby eas » Tue Jan 19, 2010 3:10 pm

Cloud wrote:From my bank:

And do not provide your User ID and Password to anyone else! If you do, we will consider any transactions initiated by someone to whom you have given your User ID and Password to have been authorized by you.


In the case that mint / yodlee's servers get hacked and your logon data stolen (and is somehow stored unecrypted / poorly salted ), I would imagine that bit of verbiage still wouldn't matter. You didn't provide the user ID and password to the thief, who is initiating the transfer.
eas
 
Posts: 242
Joined: Sat Jan 10, 2009 9:39 pm


Return to Personal Finance (Not Investing)

Who is online

Users browsing this forum: adamthesmythe, Boglegrappler, CPABOB, Globalviewer58, Grt2bOutdoors, iaminam, JW Nearly Retired, munemaker, Naismith, OldSubmariner, Quickfoot, rgarling, Steelersfan, youngcrv, Zecht and 83 guests