2009/09/27

Mint Promises

Mint is a great service, and I'm actually trusting it quite a bit.  But their re-assurances are giving me the willies:
Your credentials are safe on Mint.com.  We use bank-level encryption to secure your login credentials, they cannot be compromised. We are establishing a read-only connection to your bank, we cannot move or transfer money. -- mint.com
Of these 3 statements, the first is hopefully true for some reasonable value of "safe".  The second and third statements are demonstrably untrue, and they undermine the first assertion.  (As a matter of fact, when my bank offered a "read only" username/password mechanism, I tried it out with Mint -- Mint choked on the results.)  Mint has full access and can impersonate me to my bank.  I strongly dislike this situation and want Mint and the banks to change this.

Mint + Banks:  Please implement a least-privilege access mechanism.  OAuth would be great, but frankly anything including a read-only password would be better than today's situation.  Mint: You really want to be able to prove that you couldn't be culpable if there is a leak or a bug.  Banks:  You don't want people impersonating your customers, do you?  Do it the right way, guys.