Simply put, your data is yours and only you (through your Registration Information) have access to your data on the Service.

We use a combination of firewall barriers, encryption techniques and authentication procedures, among others, to maintain the security of your online session and to protect Mint accounts and systems from unauthorized access.

When you register for the Service, Mint requires a password from you for your privacy and security. Mint uses industry-standard 128 bit secure socket layer (SSL) encryption to protect data transmissions between your browser and our servers, such as your Registration Information for Mint.com or account credentials for a third party Web site.

Our servers are in a secure facility protected by armed guards.

Our databases are protected from general employee access both physically and logically. All Registration Information and Account Information is stored in an encrypted database, and all backup drives and tapes are encrypted with different keys.

We enforce physical access controls to our buildings and files where sensitive data is present.

No employee may put any sensitive content on any unsecure machine (i.e., nothing can be taken from the database and put on an unsecure laptop).

Mint is independently verified secure and private. Mint has been audited by Verisign (http://www.verisign.com/) for its security practices.

Mint's Full Privacy Policy (https://wwws.mint.com/c/privacy.html)

What about all the unencrypted email that gets sent out with account balances, etc? Have you thought about offering PGP(gpg) encrypted email?

Armed guards, that sounds exciting! Whats it like going to work everyday? I work at an airport, and have to go through security everyday, that was fun. I used to work at a prison, odd because I never realised I was there until I had to go home for the day. Then I thought about the crazies that were just seconds away from killing me :D

We're going to change the alerts shortly.

The real question; is the data encrypted in your database? And who has access to the keys? Are they one time keys which expire per transaction or is there a fully accessible key escrow?

Also is the data coming from yodlee.com to your database / repositories encrypted? And if it gets dumped to a repo, does the data going back to the database get encrypted? What about the application does it handle its transactions back to the DB encrypted?

Also you need to setup a oversight committee comprised of members which are given access to review your facility and methods at least yearly if not more frequently. Otherwise anyone with more than a wit of intelligence will not utilize your services.

Having worked with encrypted databases I know there are a lot of issues. The data inside the Mint database may not be encypted. To wit, the category search allows partial string searches and I know for a fact LIKE searches are difficult on encyrpted data. If they are using MySql, this is definitely the case. If they are using an enterpise DB then it's possible they are using some sort of encryption library. But then you bring up a good point about keys. Encrypted hard disks are great if someone busts in and steals your hardware---somethings that seems unlikely. Personally I think the problem is not encryption, or security. The problem is that Mint does not offer terms and conditions that guarantee anything. The terms clearly state they can change anything, anytime. Your data simply is NOT secure under such terms because the entire promise is an illusory. This will be vigorously denied but unless terms guarantee irrevocable rights, you have nothing.

Having worked with encrypted databases I know there are a lot of issues. The data inside the Mint database may not be encypted. To wit, the category search allows partial string searches and I know for a fact LIKE searches are difficult on encyrpted data. If they are using MySql, this is definitely the case. If they are using an enterpise DB then it's possible they are using some sort of encryption library. But then you bring up a good point about keys. Encrypted hard disks are great if someone busts in and steals your hardware---somethings that seems unlikely. Personally I think the problem is not encryption, or security. The problem is that Mint does not offer terms and conditions that guarantee anything. The terms clearly state they can change anything, anytime. Your data simply is NOT secure under such terms because the entire promise is an illusory. This will be vigorously denied but unless terms guarantee irrevocable rights, you have nothing.

Very good points indeed. Especially guaranteed irrevocable rights.

Here is hoping they listen. :)

Personally, I would simply prefer that they develop a local down- loadable app. Which simply connects back to provide rudumentry information to facilitate Mint's value-add services. Far more secure if for no other reason than the individual is the actual data owner, handler, etc.

I'm a little concerned today after noticing that in Firefox, the secure Mint site is showing a broken, red padlock in the address bar. This seems to indicate that the site is only partially secure?

I know next to nothing about web security, but it would be nice to be reassured on this point. Is the site experiencing security problems, or is the red, broken padlock the normal state?

Thanks.

P.S. I really like Mint and I would hate to have to stop using it because of security concerns!

I definitely don't get the same issues (just logged into my accounts using Firefox).

I definitely don't get the same issues (just logged into my accounts using Firefox).

I definitely do, some 4 months after this thread was started, on some of the pages while creating an account (adding accounts). I'm unable to recreate it once logged in, but there's a problem on one of the pages during the initial sign-up process. Likely an image link that wasn't "https"-ified.

Your home page also accepts un-secure, unencrypted logins, which is obviously a bad idea. The link to a secure login is there, but it's not labeled as such.

I was just accessing my account and someone else's information popped up. At first I was just confused and thought that maybe I was a victim of identity theft - since I knew I didn't have any chase credit cards. Then I looked up and realized I was in another persons account. I took a screenshot as evidence of this and am now freaked out about who can see my information since I could see this other persons. Also, I have recommended Mint to many people and feel worried about them and their accounts.

wow

based on my initial analysis this place is security swiss cheese

Given that you are posting with an email address, not a user id that was created for the forums, I am somewhat skeptical of your internet security skills (most people don't expose their actual email address on any forum). A search for your email address also doesn't yield anything on the internet that supports your internet security skills that you claim to have (Yes, I checked sites like LinkedIn for your profile.).

Given that you are posting with an email address, not a user id that was created for the forums, I am somewhat skeptical of your internet security skills (most people don't expose their actual email address on any forum). A search for your email address also doesn't yield anything on the internet that supports your internet security skills that you claim to have (Yes, I checked sites like LinkedIn for your profile.).
I wouldn't worry about mroche's linkedin information as I would nhjan's comment. If it's true, that's not good.

I have a general question, but before I ask it I'd like to give some background. I work in the computer industry and know quite a bit about security, SSL, public and private key encryption, ciphers, etc. Forgive me if the question has been asked before -I didn't bother searching through all the threads.

The question has come up: How can Mint.com log into other financial institutions (when you log on to Mint) to retrieve data without somehow storing login information?

The immediate answer seems to be that Mint.com stores encrypted hashes of your usernames and passwords meaning that a malicious developer or script could "unhash" them decoding them into what you and I see.

The alternative would be Mint.com having struck a deal with their third party vendor, Yodlee, where sending them the Mint.com username would retrieve your corresponding financial institution login data. However, this sounds dubious since it suggests that there is another possible way to tie the Mint.com username to your account information (and in Yodlee's case created a separate database to manage this extra relationship). This implies that there is a vulnerability and that a Mint.com developer could via web services or a similar type of query retrieve all financial information for any given user given their username, or username and password, from Yodlee.

Coming from developing a website where security is incredibly importance, I understand these vulnerabilities. However, the data there was still available to the developers. Could I read someone's password? Not immediately, but it wouldn't be hard to do. Their hashed password/security question data values were stored in an LDAP, which I could then copy and paste and decode using a custom script. Seeing as how Mint.com has a very "start-up" flair to it, my best guess would be that Mint.com is using the same rudiments for their security.

The ONLY secure way that I can conceive of doing this, would be to place security in the hands of your users. That is, what another poster said - to use IFrames to render each bank's homepage individually AND have your users type in their login information every single time they log into Mint.com. This would guarantee that neither developers nor eavesdroppers could see your login data. Mint.com would then purely serve as an aggregation tool albeit a less convenient one than it is now.

Please tell me if I'm incorrect and if you've addressed your users' security in a better fashion. It would at least put my mind at ease.

I'm an independent developer, and I just want to clear up some possible misconceptions.

When it comes to security of your data, you must understand that under any circumstances, the developer of any application, or anyone else who understands the system, is capable of retrieving or decrypting any of the data in the system. In other words, there is NO way a programmer can design a system so that it's possible for a computer to automatically decrypt data for your use, while also being impossible for that programmer to reconstruct the same process to retrieve the data manually.

A programmer can create an encryption of data that cannot be decrypted, but then the computer that gives your mint website would not be able to decrypt it either. If data must be usable on the web, it must be decrypted to be used; therefore there must be a system behind it that can decrypt it. If any person has access to this system, that person also has the ability to access the data.

In most of the world's markets, there is a level of trust that is assumed. Being a developer myself, there are systems I have had access to that even the president or the owner of the company did not have access to in the way I did. I could "kidnap" their data and disappear, demanding a ransom, if I really wanted to. I've dealt with the monthly billing of 6K people, and being the designer of the system that reads their sensitive data, I can see some of the credit card and bank account numbers -- there's no way around it. But there is a level of trustworthiness that is demanded of responsible people when the need for responsibility and honesty is raised. When you're dealing with people's sensitive data, unless you're a crook, you just MUST be trustworthy with that data and not take advantage of it.

That said, there ARE yet ways to be further assured of security. This is analogous to the construction of a house -- a builder is capable of retaining access to any house he builds. It is impossible for him, being the only builder of the house, to guarantee the buyer that he has no means of entry. BUT he can install a camera system that sets a watch on the house and would notify the owner if even that builder walked in.

I believe Mint is doing the best they can to ensure security. The fact that they PAY armed guards just to guard their servers is notary -- they probably don't do that just so they can tell us about it on this forum. Having an independent firm come in and verify their security measures is something that cost a lot of money and didn't bring in any income.

this is sara I am new to this forum..... I would like to share these...
los Angeles investment criteria (http://www.rlhequity.com/)

Alright, now people asking about your specific security measures doesn't sound suspicious at all...

Alright, now people asking about your specific security measures doesn't sound suspicious at all...

I agree that there needs to be a level of trust. The fear of Identity theft, though real, is exagerated. The percentages of people that get impacted is so small in comparison to users. Even CapitolOne or large banks are going to encounter security issues. It only takes one malicous hacker to ruin the credibility for the entire website. As the website grows there is more chance of finding that one bad apple. On the flipside, the number of malicious people with the skills to hack a website is extremely small.

I would much rather choose to trust and suggest people buy Identity Theft insurance if they are realy scared of it. At least then we get the benefits of Mint.com I signed up for the other similar websites and Mint has the best usability. For Now,I just chose not to upload anything beyond my credit card. My credit card has built in liability protection so I risked less.

Can someone please close this account

Hi Damon,
By understanding all this , I can say that Mint always secure our Accounts so that No one can see our Accounts.