I disagree.
You are providing your information to a 3rd party, which has vowed to keep
your information safe. If that information is taken and used in a
fraudulent manner by an employee or someone with unauthorized access I think
that it would still fall under the banks fraud protection policies. If you
went out to eat and gave the waiter your credit card and he used your
information to buy a TV that would be very similar in situation and I don't
think that the bank would say it wasn't fraudulent, because I doubt a judge
would say that it was legal.
I've been using Mint since September of last year, all of my accounts are in
there and I have had no troubles.
"We ask for your online banking user name and passwords, but we do not see
or store that information.
That means no one at Mint, and no potential hackers of Mint.com,
can access your banking credentials."
The ability to update your information without storing credentials implies
that they have a way to authenticate against the bank's system using
something a little more secure than the username and password you were able
to pick when creating your online banking credentials. Probably key based
and since Mint is a read-only service knowing that you have $2345 in your
personal checking account isn't going to do much good for anyone. I
remember mint talking about security a long time ago and if I remember
correctly they mentioned using PGP. One of the main team members of Mint
was leading the development of server products for PGP, so he probably has a
little experience with securing information.
*Also not a lawyer, and I dont know about this TV you speak of*
On Tue, Oct 28, 2008 at 7:37 AM, Jeff Lasman <[email protected]> wrote:
> On Tuesday 28 October 2008 03:44 am, Chris Penn wrote:
>
> > an interesting question asked in the mint forum
> > http://forums.mint.com/showthread.php?t=823
> > "What liability or insurance does Mint have in the event that Mint is
> > hacked and my financial details are revealed to the attacker, through
> > no fault of my own? "
>
> One more interesting part of their answer:
>
> <snip>
> In addition to the points above, your credit card company protects you
> in case of fraud and you would not lose this protection in any way by
> using the Mint service.
> </snip>
>
> I am neither a lawyer nor do I play one on TV, but I believe if I give
> my login information to anyone I'm fully responsible for what they do
> and that I don't have protection any more than I would if I got drunk
> and went to my ATM and pulled out all my money and spent it on a
> hooker. Anyway, that's what both my bank and PayPal told me (though not
> quite in those words <smile>).
>
> I think their answer is wrong, and that I would lose my protection.
>
> Jeff
> --
> Jeff Lasman, Nobaloney Internet Services
> P.O. Box 52200, Riverside, CA 92517
> Our jplists address used on lists is for list email only
> voice: +1 951 643-5345, or see:
> "http://www.nobaloney.net/contactus.html";
> _______________________________________________
> LinuxUsers mailing list
> [email protected]
> http://socallinux.org/cgi-bin/mailman/listinfo/linuxusers
>
--
Peter Manis
(678) 269-7979
