P2FM Services Walk The Tightrope Between Convenience and Security

The latest breed of American personal finance services like Mint and Wesabe provide great value by helping their users get a handle on their personal finances. Mint bills itself as an online personal finance service that securely downloads users’ financial transactions, categorizes their transactions, provides a unified view of all account activity and associated account alerts, and offers personalized suggestions for significant savings opportunities.

Like traditional PFMs, Mint and others provide generic news and advice related to personal finance areas like income tax, interest rates, and so on. But, by analyzing their users’ individual financial transactions, Mint and others are able to bolster their value proposition by making suggestions that are personalized for each individual. For example, Mint would be able to tell one user, “Hey Jack, you can earn $100 more by moving your $6,000 from your Bank of America account *6666 to ICICI Premium Savers Account”, and prod another one, “Hi Jane, did you know that you can save $75 by moving your automobile insurance from XXX to YYY insurer?” As a result, they are customized or individualized personal finance managers, somewhat like the financial advisors that high-net-worth individuals employ. For this reason, I’ll use the term ‘Personalized Personal Finance Manager’ or ‘P2FM’ while referring to Mint, Wesabe and other modern personal finance services.

Welcome companions even in the best of times, P2FMs deliver more value now — what’s not to want about the chance to get every tip to earn more and spend less during these challenging economic times? No wonder P2FMs are seeing explosive growth in recent times with Mint alone claiming that it’s adding over 3,000 users every day, tracking $50 billion in transactions and $15 billion in assets and has identified more than $100 million in potential savings for its users.

Eager to experience P2FMs firsthand, I recently registered myself on Mint. At the outset, I was impressed by the anonymity Mint affords you by not asking you for your name or address. All it needs is your email address. Along the way, I learned that Mint would be able to deliver personalized suggestions relevant to me by analyzing transaction statements of my financial accounts without any efforts from my side. Wow, won’t that be very convenient, I said to myself.

To do all this, Mint required me to ‘link’ my financial accounts with its website. This meant sharing with Mint all the confidential information (like password, date of birth, and answers to secret questions) that I’d use to access any of my Internet Banking accounts. In other words, I’d be allowing Mint to get into my Internet Banking account on my behalf. 

This stopped me right in my tracks and I realized right there that P2FMs are walking a severe tightrope between convenience and security.

Even assuming I trusted Mint’s integrity and believed that it would / could never make improper use of my financial account credentials, I wasn’t so sure that a startup company would be able to protect my confidential information when large banks and credit card processors seem to be losing millions of customer records to hackers at regular intervals despite all their investments in security technologies. I also remembered the constant entreaties from banks never to reveal passwords to anyone. So, I refused to link any of my financial accounts with Mint.

In the next two weeks, I received a couple of reminder emails from Mint asking me to link my accounts. I replied back to them sharing my security concerns. I haven’t heard back from them and assumed that they must be experiencing the same behavior from most of their registered users.

Lo and behold, that’s not the case.

According to data Mint presented recently in its response to Intuit’s challenge of its claimed user numbers, Mint mentioned that 30% of its 934,000 registered users (all in the US) haven’t linked any of their financial accounts to Mint (like me!). That meant that 70%, or 655K users, have linked at least one financial account to Mint (unlike me!). In fact, Mint claims that most of its users link between 5-6 of their financial accounts.

It seems that the value of personalized suggestions and the convenience with which it delivers them have allowed Mint to overshadow users’ security concerns.

Now, if P2FM services have seen explosive growth in the US, much of which has happened during the last six months of challenging economic times, we should be finding a similar trend in Europe, which is going through equally challenging times and has Internet penetration comparable to that of the US?

No! You’d be hard pressed to find any well-known personalized personal finance services in Europe. Why?

By automatically accessing their users’ financial accounts regularly (once every night, in the case of Mint), P2FMs may deliver great convenience to their users instead of asking their users to go through the inconvenience of downloading and submitting transaction statements frequently. But, in return for this convenience, users have to keep their security concerns aside and give away confidential information to P2FMs. Going by conventional wisdom about Europe’s security-consciousness, it’s no wonder that there are no well-known P2FMs in Europe.

To succeed in Europe and in many other countries in the world, P2FMs will have to tweak their model to recognize that not everyone will compromise on security for the sake of convenience. They’ll have to think of innovative ways to allay users’ security concerns, yet maintain middle-ground on convenience. The only P2FM I came across in Europe shows some progress in that direction.

Kublax, a barely known P2FM in the United Kingdom, does not force users to enter financial account credentials if they choose not to, so it’s secure. It analyzes transaction statements that are published on its website by users who visit their financial accounts themselves to download transaction statements. Although its website contains step-by-step instructions on how to download transaction statements from the Internet Banking websites of leading banks in the UK, I found this to be a somewhat cumbersome procedure. Then, when I realized that I have to repeat this procedure periodically (Mint does this once a day) so that Kublax’s alerts and suggestions are current and relevant, I decided it was not worth taking so much trouble just to save some 100-200 bucks — which is the maximum savings that I reckon P2FMs can deliver per user on an average going by Mint’s claim of $100M in savings suggestions (for its 655K users).

So, P2FMs have a long way to go to achieve the middle-ground on convenience.  

One concluding thought: If 655K users in the US didn’t mind sharing their financial account passwords with a startup like Mint, I’m sure a much greater number won’t mind doing so with their trusted banks. This should be the tipping point for banks to start offering personal finance solutions on their Internet Banking portals especially when seen in the context of the large user count amassed by early banking-sector PFM providers like Bank of America (2.5 million) and Wells Fargo (1 million).
