Comments on: Online Security: TWiT Scalds Mint.com http://watchmymoneymaker.com/2007/09/28/online-security-twit-scalds-mintcom/ Financial Voyeurism - Learn as I learn - we're all in this together Tue, 06 Jan 2009 10:44:30 +0000 http://wordpress.org/?v=2.7 hourly 1 By: Mint.com: A Re-Review | Watch My Money Maker http://watchmymoneymaker.com/2007/09/28/online-security-twit-scalds-mintcom/comment-page-1/#comment-5380 Mint.com: A Re-Review | Watch My Money Maker Tue, 18 Nov 2008 13:20:02 +0000 http://watchmymoneymaker.com/2007/09/28/online-security-twit-scalds-mintcom/#comment-5380 [...] in September of 2007 I mentioned that Leo Laporte had made some strong accusations of Mint.com.  Both Mint.com and Wesabe.com staff left comments on my blog, and both offered to do follow up [...] [...] in September of 2007 I mentioned that Leo Laporte had made some strong accusations of Mint.com.  Both Mint.com and Wesabe.com staff left comments on my blog, and both offered to do follow up [...]

]]> By: Mike D http://watchmymoneymaker.com/2007/09/28/online-security-twit-scalds-mintcom/comment-page-1/#comment-279 Mike D Tue, 02 Oct 2007 20:38:31 +0000 http://watchmymoneymaker.com/2007/09/28/online-security-twit-scalds-mintcom/#comment-279 I was pretty surprised to hear Leo Laporte trash Mint on two separate podcasts - TWiT and net@nite. While storing passwords online might not be for everyone, I would not make a blanket statement that this is somehow inherently insecure. I think Mr. Patzer's detailed response is proof that Mint.com takes this seriously. On the podcasts Leo Laporte made some comments about storing financial information with "strangers". Didn't we get over this 10 years ago? What am I missing? I was pretty surprised to hear Leo Laporte trash Mint on two separate podcasts - TWiT and net@nite. While storing passwords online might not be for everyone, I would not make a blanket statement that this is somehow inherently insecure. I think Mr. Patzer’s detailed response is proof that Mint.com takes this seriously. On the podcasts Leo Laporte made some comments about storing financial information with “strangers”. Didn’t we get over this 10 years ago? What am I missing?

]]> By: Aaron Patzer http://watchmymoneymaker.com/2007/09/28/online-security-twit-scalds-mintcom/comment-page-1/#comment-259 Aaron Patzer Fri, 28 Sep 2007 23:15:35 +0000 http://watchmymoneymaker.com/2007/09/28/online-security-twit-scalds-mintcom/#comment-259 Randy, My response to Leo LaPorte's concerns over Mint's security is below, verbatim & with no edits: ----- I’m Aaron Patzer, the Founder & CEO of Mint.com, which you mentioned on Tuesday’s TWiT show. I’m glad we “seduced” you into giving Mint a try ;-) Mint is the easiest way for most people to organize their finances, without the hours of accounting-like work required by desktop products (Quicken, MS Money). I wanted to address your concerns on the security of Mint, because everyone on the show seemed to unanimously agree that Mint was somehow unsafe. Not true. I’ll make a bold statement: You’re safer on Mint.com than with online banking. I’m sure you’re asking yourself: “How can that be possible? If I’m putting all my accounts in one place, then of course it’s even more vulnerable – like putting all your eggs in one basket.” Here’s how. Mint has the same data security practices used in online banking (encryption, network security, outside audits, physical security, etc). But on Mint, you’re anonymous. Notice that on our signup (https://wwws.mint.com/login.event?action=S) we never ask for your name, address or SSN. All that is required is a valid email. Mint knows about your finances…but it does not know you. We cannot tie the two together – and we like it that way. Also, as you may know, 90% of all fraud actually occurs offline( http://www.informationweek.com/windows/showArticle.jhtml?articleID=178600217), not online (e.g. someone swipes your card at a restaurant or from your mail). Because Mint is linked securely to all your accounts, one of its best features is alerting via email or SMS text-message. If your balance drops too low, or Mint sees unusually high spending, you’ll know right away. Without Mint, you would have to log into 4-5 different banks each day, or wait 30 days for a paper statement before finding out that something went wrong. It’s better to be proactive – especially because if you catch and report fraudulent bank activity within 2 days, your liability (by law) is limited to $50. Using Mint actually helps you in the fight against identity theft and fraud. The last point I’ll make is that even thought we’re a startup, our executive team has deep experience in both financial services and security: Intuit, Charles Schwab, American Express, PGP, and Ebay/Paypal. If you’d like to dig deeper into our security, or any other aspect of Mint, I’d be happy to answer any questions or concerns you or your viewers have. Aaron Patzer Founder & CEO, Mint.com Randy,

My response to Leo LaPorte’s concerns over Mint’s security is below, verbatim & with no edits:
—–

I’m Aaron Patzer, the Founder & CEO of Mint.com, which you mentioned on Tuesday’s TWiT show. I’m glad we “seduced” you into giving Mint a try ;-) Mint is the easiest way for most people to organize their finances, without the hours of accounting-like work required by desktop products (Quicken, MS Money).

I wanted to address your concerns on the security of Mint, because everyone on the show seemed to unanimously agree that Mint was somehow unsafe. Not true.

I’ll make a bold statement: You’re safer on Mint.com than with online banking.

I’m sure you’re asking yourself: “How can that be possible? If I’m putting all my accounts in one place, then of course it’s even more vulnerable – like putting all your eggs in one basket.”

Here’s how. Mint has the same data security practices used in online banking (encryption, network security, outside audits, physical security, etc). But on Mint, you’re anonymous. Notice that on our signup (https://wwws.mint.com/login.event?action=S) we never ask for your name, address or SSN. All that is required is a valid email. Mint knows about your finances…but it does not know you. We cannot tie the two together – and we like it that way.

Also, as you may know, 90% of all fraud actually occurs offline( http://www.informationweek.com/windows/showArticle.jhtml?articleID=178600217), not online (e.g. someone swipes your card at a restaurant or from your mail). Because Mint is linked securely to all your accounts, one of its best features is alerting via email or SMS text-message. If your balance drops too low, or Mint sees unusually high spending, you’ll know right away. Without Mint, you would have to log into 4-5 different banks each day, or wait 30 days for a paper statement before finding out that something went wrong.

It’s better to be proactive – especially because if you catch and report fraudulent bank activity within 2 days, your liability (by law) is limited to $50. Using Mint actually helps you in the fight against identity theft and fraud.

The last point I’ll make is that even thought we’re a startup, our executive team has deep experience in both financial services and security: Intuit, Charles Schwab, American Express, PGP, and Ebay/Paypal.

If you’d like to dig deeper into our security, or any other aspect of Mint, I’d be happy to answer any questions or concerns you or your viewers have.

Aaron Patzer
Founder & CEO, Mint.com

]]>