Wednesday, September 26, 2007

Mint.com - Is it Safe?

Congratulations to Mint.com, named "Best Presenting Company" at TechCrunch40.

Mint is impressive at first glance: Great application, slick user experience design, and an innovative idea that offers real-world benefits to the average Joe.

For those of you not yet familiar with Mint.com, TechCrunch offers the following description: "Mint is a personal finance application that lets users track and monitor their financials in one place without the need of routine maintenance or accounting knowledge. Their application tracks bank, credit union and credit card transactions and alerts users to upcoming bills, low balances or unusual spending. Mint’s patent-pending technology automatically categorizes transactions, so users know with precision where they are spending money, what their bank and credit balances are, and how much interest they have earned. Their application also helps people find ways to save money by constantly searching for deals on credit cards, bank accounts, etc."

Stop and Smell the Mint Leaves

I may have brushed over a key fact with a little too much nonchalance.  Let's take a look at the summary above one more time. To use Mint.com, the user must provide access to personal bank accounts and credit cards. Although Mint.com claims that they use the same type and level of security as top banks, that feature should send up some red flags.  Essentially, Mint.com is collecting and storing all your banking information.

Such practices raise a series of questions: Is it safe? What about identity theft? Do you really want to give your precious personal information to a start-up? (The company did win the $50,000 dollar award at TechCrunch40 - let's hope all that money is going towards security).

Even the Big Dogs Get Attacked

Think security breaches aren't all that common? Think again. Earlier this month, the respectable brokerage firm TD Ameritrade had to notify their clients that a hacker gained access to a portion of the company's client names, email addresses and phone numbers. Any one of TD Ameritrade's 6.2 million clients can expect spam email in their inbox, likely an attempt to promote a particular stock. Although highly advanced, TD Ameritrade had no idea about the breach until users began receiving spam at email addresses that they only use to receive messages from TD Ameritrade.

Although TD Ameritrade immediately denied the incident, further investigations forced the brokerage to later (and I mean much later) recognize the occurrence.  The statement acknowledging the hack and compromise of personal client information was not released until the company could report that the issue was fixed - over a year after the incident took place. Many believe that the hack may have occurred as early as 2005, while the official TD Ameritrade announcement did not come until mid-September 2007. Not the finest moment for TD Ameritrade, to say the least.  I'm no math whiz, but even I know: slow response + poor security =  dwindling customer base.

If it is that easy to hack into a well-established company such as TD Ameritrade, can users trust that their precious information with the start-up Mint.com? Mint will face challenges as they attempt to gain the trust of mainstream, financially-savvy consumers. I would feel a lot safer if Mint's application was on a trusted site, such as Yahoo! Finance or Intuit. Do I smell a good buy?

The nobosh Bottom Line

One thing is for certain, hackers worldwide must be drooling over the opportunities provided by Mint.com; rather than being forced to apply their tricks of the trade across multiple sites, they can target their efforts on a single source of personal banking and financial information.  A dream come true for hackers, but is it too great a risk for you?

For more on Mints Security practices click here.



Tuesday, September 18, 2007

Dear Apple: I Want an iBerry


Dear Apple,

With the Christmas season rapidly approaching, I know you've got profits on your mind. Everyone loves their iPhone; the passion for this inanimate object stems from features and perks too numerous for this short note to you. Despite the sheer genius of the current iPhone, there is always room for improvement (possibly in the form of document support, basic copy and paste functionality, etc.) All of these items are likely in the works, I know, but keep in mind, you're talking to your devoted fan base that shelled out the original $600 when the iPhone was first released. We knew the price would probably go down. We didn't care. A keen sense for life-altering technology, we've got; a highly developed capacity to be patient, we don't.

Back the point of the letter: let me be the first to introduce you to the "iBerry."

One improvement to the iPhone that can be implemented now: A better keyboard. The iPhone's 31 letter keyboard is limited in functionality by the the size of its keys, which I estimate to be half the size of an M&M. My colleagues and I were setting records when typing on the Blackberry (7100 series), but typing on the iPhone leaves us feeling like we're pushing the pedal to the medal on a VW Bug when we used to own a Ferrari. I know you've told us that the iPhone's typing accuracy increases with time, but it will never improve to that of the Blackberry.  Hence, I propose the iBerry: Our beloved iPhone in all its glory, with the advantageous keyboard of the Blackberry.

RIM equipped the smaller BlackBerry devices with a technology called SureType. SureType is an ingenious predictive keyboard that empowers users with exactly what its name implies: An "assured" or "sure" typing that senses what you are going to write even before you write it.  Even better, the keyboard learns from its own mistakes and develops an improved ability to anticipate the words you type over time (the jury is still out on whether the iPhone is this quick on the uptake too). The real advantage of SureType is that instead of placing the full alphabet on keys that are half the size of a peanut, SureType reduces the letters necessary to 18. While the iPhone boasts abilities like no phone we've every seen, the SureType keyboard is noticeably missing.

The nobosh Bottom Line

Imagine it: 18 keys (compared to the current iPhone's 31) on the same surface area!  Think of the relief you feel when you unbutton your pants after Thanksgiving Dinner). Am I crazy to ask for Apple to offer to such a keyboard on the iPhone? Fellow iPhone enthusiasts, let's hear your thoughts (WPM welcome).

So Steve, or even Fake Steve, I'd appreciate a SureType option in the iPhone's preferences in the next possible update.  Let's have a good Christmas season this year.

Keep up the great work!