Movenbank: Would you trust this thing?!

By | August 23, 2012
TL;DR: Great idea, but lacks in fundamentals, starting from lacking a solid bank in the back end.

Wow. Great interface, and the kind of financial advice a lot of people probably need. If the banking experience is anything like that, it would be amazing. And a calculate-your-own-credit-rating system is a big plus.

But would you trust a site like this with your personal details? I personally find it appalling: Social security number, yearly savings, home address, and income… that's more information than any single bank has on file about me! And after you fork over all that information, you don't even have a contract – they will consider it based on your financial profile. 

Not just that, but the nice user-friendly marketing text won't convince me on that either: no easily-findable long 100 page document is for me a bad sign that a financial partner isn't to be taken seriously. That 100-page-document typically describes important things like what happens if someone tries to screw you over financially, how the bank is allowed to screw you, and how much you will lose if the bank decides to screw you.

Even security doesn't seem to be taken seriously: Login with twitter? Come on, an anonymous ID shouldn't be acceptable as an authentication mechanism. There are so many legal loopholes surrounding that. And e-mail to change key account details is, well, unheard of if you are serious about protecting people's data. Any security expert could tell you that.

/via +Yi Chiao Cheng

Movenbank, a promising restart to banking?
Thoughts and possible direction: It is similar to the social influence scoring sites such as Klout (at least the need for the permissions, the end game however is not clear. They could use this to tra…

14 thoughts on “Movenbank: Would you trust this thing?!

  1. Yi Chiao Cheng

    +Sophie Wrobel I guess that is always a price between convenience and privacy 🙂 

    Legislation is slow to catch up, enforcement even slower. So for now, the practical thing to do is either :
    1. Live in a cave (I like this option)
    2. Try as much as possible to minimize exposure (tough, doable but very inconvenient)
    3. milk the data for all it's worth (most profitable solution that has serious ramifications that are yet to be determined)

    Reply
  2. Sophie Wrobel

    +Yi Chiao Cheng the problem is not financial institutions authorized to get information from the government. The problems are:

    1) What does that institution do once they have the information? What happens if their servers get hacked?

    2) Who can recover access to your account at that institution (e.g. by claiming to have forgotten your password)?

    3) What else can you get with the number (e.g. once they hacked it out of Movenbank, they go to the tax office and get your tax returns for last year with all the rest of the ID data on those forms), or register with another online bank using your hijacked information and credit rating? 

    Reply
  3. Yi Chiao Cheng

    I'll probably do a short write up on what we have here in Singapore called Singpass, it's not perfect, however the citizen must authorize the banks or any other financial institute before they are allowed to view the information.

    Reply
  4. Sophie Wrobel

    +Yi Chiao Cheng Governments are too old-school for something like that. If you can present the information available on your identity card and the matching financial number, you normally have access to everything. Unless the US modernized, I believe they have one of the most lenient gatekeeping procedures, requiring just name, date / place of birth, address, and such details. Other countries may be slightly better, some requiring your ID number, but not much better.

    Also, if Movenbank (or whatever other online middleman) was hacked, you can say goodbye to your social security number secrecy!

    Reply
  5. Yi Chiao Cheng

    +Sophie Wrobel  wouldn't there be some form of safeguard or gatekeeper to stop the data breech? 

    On it's own the social security number would only be a number until it is hooked up to a database. If the database is secured then by intuition the information about the social security number would be secured as well right? 

    (Sorry I'm really not sure how it works in the States)

    Reply
  6. Lars Fosdal

    It would be very valuable for any direct sales org.  Combine it with what Facebook and Google knows about me – I'd see targeted ads that might tempt me to spend more than I should spend.  

    The other day, I was thinking about my groceries receipts and how convenient it would be if the articles bought, their price, and the shop where they were bought – was available in my netbanking pages.  Imagine being able to break down costs by article group, by shop, etc. directly in the bank – figuring out where it is cheaper to buy the various stuff?

    We might end up going the direction that Movenbank suggests, but for now I will only trust my bank, and not some man in the middle.

    Reply
  7. Sophie Wrobel

    +Yi Chiao Cheng Every bank, regardless of country, will need some financial-related personal identification number. It is also a good way to request private information from government sources if you have this number in many countries (of course along with information that is easy to obtain via social engineering or online searches) – so it's the kind of thing you'd want to handle with care. Legitimate institutions will require it, sure – though usually not before all your other information.

    Reply
  8. Yi Chiao Cheng

    Thanks for the reshare (yikes, I better improve my atrocious writing)

    And my concern is more of how quickly they can allow other users to access this, especially outside US (tough but i'm hopeful. Mostly every country has their own banking regulations which is a bloody mess)

    I can understand your concerns for privacy, but most of the time, our data is already being mined, might as well get something out of it. I am not sure about the importance of the social security number, however in Singapore, the user must authorize access to government records, especially our equivalent of the 401k (we call it CPF here)

    Reply
  9. Lars Fosdal

    Silly me read "Mövenbank" which immediately made me think of "Frozen assets" – but after reading the article, I have to say that exposing my finances to an unknown entity like this one, is entirely unthinkable.

    Reply

Leave a Reply

Your email address will not be published.