Why UK has no Mint (or why I stay clear of financial aggregator sites)?

By Rajkanwar Batra

Mint is a website in US & Canada which aggregates your bank and credit card information. On last count it had 10 million users. Now owned by a big corporation(Intuit), it was started by a 25 year old software engineer Aaron Patzer, and sold for US$170 million within 2 years of its founding.

Yet, for all its popularity across the pond it does not operate in UK. You would think that making it work for UK would take them a few weeks at the most.

So the question is why would they ignore a ready-made market of over 60 million English speaking people?

The answer quite simply lies in the view that local banks have taken towards such financial aggregator sites.

The way an aggregator like Mint would work is that you have to give your login details to a third party. This third party then uses your login details to log into your account on daily basis and collect your information. This information is then transferred to aggregator databases (Note: Mint does not outsource this, but all aggregators in UK do).

In US, the banks are ok with it.  They might not like it but they are much more relaxed about it.

UK banks are however a completely different story. Some specifically prohibit it (by including a clause in their terms and conditions) while others are silent about it, but do have generic clauses which prohibit sharing of login details with any one.

Yet a few local aggregators have popped up over time which promise to be the local equivalent of Mint. However, before you go on and handover access to your bank account to one of them please do consider the risks involved:

 Somebody can clean your account to big ‘O’

The aggregators like Moneydashboard, Ontrees and Lovemoney assert that their services are read only. Yet the login details they ask you to share, are exactly the same, which can be used to move money out of your bank account! While security procedures in place are no doubt very strong there can never be a guarantee that a hacker could not  breach it.  In a world were even bank websites get hacked in my opinion this is too high risk to take.

http://www.dailymail.co.uk/sciencetech/article-2636160/Beware-online-banking-Security-expert-reveals-ANYONE-hack-banks-app-using-free-internet-tools.html

‘It’s not me! Yes indeed its identity theft Darling?’

Closely related to above is the possibility that once the thief has your personal details, they can steal your identity and apply for loans or mortgage in your name. While you might not have to repay these as long as you can prove that it was not you who took them. But imagine the hassle and the cost of restoring your credit rating after something like this happens. Here is what BBC has to say about it:

http://news.bbc.co.uk/2/hi/uk_news/magazine/8302873.stm

Banks could disown any fraud on your account

Many banks make it abundantly clear that they are not responsible for fraud in your account if you share your login details with an aggregator. Note, it does not have to be a fraud where your data is clearly stolen from an aggregator. It could be just any garden variety type of fraud. Even if banks back away in such a situation  when challenged, do you want to go to the hassle of taking on a major bank in a court?

The risks are high but what about the benefits

Interestingly, for all the risk that you take, the aggregator services are neither reliable nor very useful.

In the rush to copy Mint most UK aggregators have implemented what can best be termed as Mint-minus functionalities. Further reliability of these services is very low. A minor change in bank website results in the service being down for days. As banks now push out two factor authentication protocols  more and more banks are bound to be not available to automatic aggregators any way.

Here is the take of Duane Jackson the founder of Kashflow on aggregator services: http://www.accountingweb.co.uk/group-thread/bank-feeds-you-know-theyre-dodgy-right

Sure downloading and uploading your own bank statement would take little extra time, but I personally think that it is a small price to pay for sleeping easy at night.

What are your thoughts. Please leave your comments below. I read and respond to all comments.

 

Weekly Personal Finance: News with Views

Want to keep up with what's important for your personal finances in 10 minutes? 6 articles selected from UK with context delivered in your inbox.

I will never give away, trade or sell your email address. You can unsubscribe at any time.

Written by Rajkanwar batra
  • Judith

    I am looking for an aggregator in the UK as with young children our time is limited and the importance of budgeting is high. I am concerned with PC based software I could lose all the data if my PC dies. I was going to use an aggregator but now don’t think I will after reading this. I am very surprised you have to share log in details to your bank accounts! Surely that is the first big NO of doing anything online. Would the banks / could the banks not provide each online banking user with an automated statement/bank balance/transactions pending download which could be emailed to an account of your choise (or aggregator?) That is what I assumed would happen. I can’t imagine it would cost them too much money to implement.

    • https://www.sortmoney.com Rajkanwar Batra

      Hi Judith, That would be easy for the banks to provide( they do this for business customers any way). But they seem to be wanting to hold on to their customer’s data!
      We have a money manager product at http://www.sortmoney.com. This is in beta but with us the data is stored securely online and you can import all your bank and credit card statements although you have to download these yourself. I would love to hear your feedback and thoughts.

      • Phase19

        Website looks naff

    • Billy James Wright

      Banks have no interest in people managing their money wisely. They want and need people to run into their overdraft, incur unauthorised O/D fees, and generally screw up because then they penalise the customer by… charging them money! This is why banks are so resistant to this. Giving customers the power and control and ability to spend within their means is abhorrent to banks, because it reduces opportunities to sting them with late fees etc.

      • https://www.sortmoney.com Rajkanwar Batra

        I totally agree

  • jonplackett

    it’s about time banks create a standardised way to provide read only access to your account. virtually every other institution in the world has created an api to give access to their data. how hard can it be for a bank to offer an api like facebook / twitter do, letting you allow / disallow access to whichever info you see fit – letting you give just read only access to an app like mint.

  • Chris Wilson

    Banks’ own apps are rubbish. Very slow, inconvenient (have to log in every time you use it) and don’t notify you when you make a transaction (like paypal’s app does) or when you are near your credit limit (banks wouldn’t do this because they *love* charging you overdraft fees). The protocol exists (OFX) but uk banks don’t support it because it’s not in their interests to play nice with anyone. If a bank started offering this I would probably switch. This us what we get for demanding “free” accounts instead if paying fairly for what is actually a valuable service. We get ripped off. Seems like a good deal to me!

    • https://www.sortmoney.com Rajkanwar Batra

      Hi Chris, I totally agree. Interestingly many UK bank now do it for their business customers so technology exists but for all the reasons mentioned by you they wont do it for their core general consumers.

  • Jonathan

    I am using a windows app called Geltbox Money. It aggregates to my pc almost all my financial websites. It saves me the time to download from each site every time I do my booking. I like that my login stays encrypted in my pc. See http://www.geltbox.com

    • https://www.sortmoney.com Rajkanwar Batra

      Hi Jonathan, Thanks for pointing this out. I checkout the website. It looks really cheap, there is no detail on how it works and what security measures are in place.

      Seems to be owned by a Company in US but hardly any details on people behind it.

      I created an account with password as ‘a’ and it accepted it. This is idiotic. The software seems to lack even the most basic of security features such as enforcing minimum password length.

      I really don’t feel comfortable sharing my login details with this software.

      In addition functionality available in terms of reports is extremely limited.

      Storing your login in the pc is probably no better and could be even more dangerous. I am sure it is encrypted when stored but that does not necessarily make it any better as the computers get hacked and hijacked all the time.

      • Jonathan

        Hi Rajkanwar,

        Thanks for your commenting back… I wasn’t sure about entering my passwords either but I first tried with some read only credit card accounts and until now works fine, as I checked that no other logins where done from other computers.

        They keep sending improvement updates every one or two weeks. I have sent them a couple of emails and they answered quite fast and corrected some small bugs and added new helpful graphs in overview. I have revisited https://www.geltbox.com and the site looks also better since I downloaded the app, they don’t write names but I found full trust certificates.

        I also asked them if I could save my passwords externally (i.e. USB stick) to improve security and they told me that they will implement this soon, let’s see…

        I think even thought the software is not perfect yet, it does what I need, it is the only one I’ve found that aggregates really all my accounts, even my PayPal account.

        • https://www.sortmoney.com Rajkanwar Batra

          Good to hear that it works for you. For me currently it still does not pass the smell test. It may do in the future with improvements and more transparency.

  • Dominic Seales

    Thank you Rajkanwar for this informative post.

    Apologies if I am a bit late to the party. This was exactly what I was looking for – a finance application that aggregated all my accounts so I could manage my various savings and budget my finances accordingly. After reading this really useful blog post, I now see the massive pitfalls of this.

    We are living in a time where materialism and capitalism are running things in first-world countries. So people are spending money that they don’t have and, as a result, more and more people are running into debt that they are unable to afford. I feel banks are enabling this activity too much and not taking enough responsibility.

    I personally don’t want to regress into going back to spreadsheets though as it is all too manual for me in a world where technology elsewhere is advancing so quickly. I feel banks should offer read-only logins for third-party APIs with a secure connection. This would at least allow aggregators to access these details in a safe way where there would be minimal risk of a security breach. I feel, at the moment, this is similar to Dr. Malcolm’s quote in Jurassic Park where he says they are trying things without putting enough thought into the implications.

    An alternative to allowing third-party access would be for the major banks to create a service for the sole purpose of serving the customer’s needs in this way, which essentially is an integrated aggregator for all the banks that sign up to this service. This way, the banks would have full control over the security. I appreciate that this kind of approach might make it all the more appealing to hackers but, if security is paramount in the implementation and continued security updates, then I believe it could be a stable system that would help to serve thousands or even millions of consumers wishing to manage their personal finances.

    I believe banks should wise up to the fact that people have multiple accounts with different banks and act accordingly. It is eventually going to cost more for all involved if there is not a system in place that has the correct security to prevent (or at least minimise) any kind of fraudulent activity. I would be surprised if the very people advising banks over how to save money have not suggested this approach as, although there would be some cost to implement and maintain, it would certainly work out cheaper than continued legal & admin costs to reimburse customers who have been victims of fraud due to putting their trust into these third party aggregators that are the only applications around that have the functionality people are looking for. The right approach would be to prioritise safety & security over functionality and at least get the basics down first.

    • https://www.sortmoney.com Rajkanwar Batra

      Totally agree Dominic. Although I am not sure banks will compensate customers who loose money due to a hack if the customers shared login details with third party aggregators.

  • AlexC

    Yorkshire Building Society bought Egg’s Money Manager which was an excellent and secure account aggregator – you never submit your login details to a third party (they are kept safe on your own PC) and was so useful in providing quick access / login to all your accounts. Unfortunately only works in Internet Explorer because it uses ActiveX and it has just announced its withdrawal (because it is not compatible with the latest update of IE). I have been told First Direct offers one which is nearly as good.

  • Nadeem Butt

    Hi Rajkanwar,

    Nice post, can’t believe people would give their bank logon details to some third party and think that their data won’t get hacked. I personaly use BankTree to mananage my accounts. I just download my bank statement into BankTree and all my information is there in real time.

    http://www.banktree.co.uk

  • acampbell09uf

    Don’t use SortMoney – the service is clearly defunct as their web server certifiacte has expired. Your details will be sent over the wire unencrypted. This also doesn’t pass the smell test..

  • Alex

    When a user is required to sign up to the company web site and hand over his/her account numbers, user name, password etc …it raises a major concern about security and data usage.

    I believe that perhaps private information should remain private and not stored or viewed by anyone else than the actual owner of the information.

    That is why i use Geltbox money -automatic download from any website (banks,credit cards) ,high level of security (Your financial data is securely stored and encrypted only in your personal computer),When using Geltbox you don’t need to give your banking account numbers and passwords to a third party!

  • kelsibeals

    In my opinion Slickpie(www.slickpie.com) is a free online accounting software. I recommend because it is very easy to use. Invoices are quick and easy to do with it, has a good support system and compatible with all devices. The document structure makes things very clear and simple to understand what’s going on.

  • Liron Weissman-Aviram

    Actually there are application in those days in the UK that are connected to a bank account in order to manage your budget – so I don’t think that’s the reason..

  • Mario

    Mondo is now leading on this in the UK, they integrate these functions into the use of their app. They only provide ‘top-up’ style cards though, not current accounts. Still, a step forward.

  • Paul Fearnley

    I understand the arguments, but why are aggregators acceptable in the States but not in the UK? Are they less risk averse?

  • Mike Farmer

    First Direct Internet Banking Plus