A recent incident in which two of the country’s largest banks briefly blocked access to third-party personal-finance sites such as Mint.com has consumer groups riled up and the banking industry attempting to explain itself.
Panic: People lost their ability to manage their money for several days.
Earlier this month, J.P. Morgan Chase and Wells Fargo shut off data access between personal banking accounts and popular financial management applications.
The most well-known of these third-party apps that lost access to bank data for about a week was Mint.com, a real-time personal financial management program. Users’ frustration was abound as consumer groups stood behind them, all while banks cited their safety concerns.
The blocked access was restored days later, but it nonetheless highlighted a split between banks and consumer groups over how much information third-party personal-finance apps should have access to.
Consumer advocates see the issue as less about security and more about consumer rights.
“When you give Mint your bank password, you don’t give them permission to make transfers,” Lauren Saunders, associate director and managing attorney of the National Consumer Law Center, said to Reuters.
She adds that sites such as Mint.com have limited access to banking data, and consumers are generally giving those apps the right to act on their behalf.
“You don’t need to be a lawyer to understand that you are not a consumer who ‘grants authority to make transfers’,” Saunders added. “You are still outside the provision about giving someone an access device because you didn’t give the hacker permission.”
Mint responded aggressively about its security systems.
“Delivering secure and seamless connectivity is a shared priority across Mint and thousands of our financial institution partners,” Mint spokeswoman Holly Perez said to San Francisco Business Times.
Business, Security Concerns High
Behind the facade of security, banks may also see the situation as a competition crisis.
They believe that allowing access to their customers’ data is giving these services a huge advantage in the personal-money-management arena. Some banks have attempted to provide this, to no avail, with Mint winning over tech-savvy consumers.
And, behind that business concern, banks also claim that their systems are being overwhelmed by data requests.
Of course, security in the age of hacking is still a concern. Wells Fargo, for example, recently added two-step authentication.
“Aggregators potentially sit on a treasure-trove of financial information on customers,” Doug Johnson, a payments and cybersecurity expert at the American Bankers Association, said to the Associated Press.
“Oftentimes they will have credentials that would give access to every one of the customers’ financial relationships,” he added.
Could people leave their banks over this? The blocking saga comes at a time when younger consumers are changing their financial institutions more frequently, preferring to keep their money with small local banks. Stay tuned.