Here is a story about why I cancelled my account with Mint.com
This year, I broke up with my budgeting software. We had a good run while it lasted. At first, Mint.com gave me everything I needed: a free and simple budget tool that I could use on my computer or phone. I managed my money from one dashboard, linking my bank accounts, mortgage, credit cards, PayPal, and savings accounts to the app. It helped me make a budget (displayed in a colourful pie chart), track my cash flow, and monitor my credit score and savings. The app even sent reminders to pay my bills on time! But eventually, it wasn’t enough.

I Just Outgrew Mint.com

For one, I found the app rather time-consuming: I’d spend an hour a day scrutinizing every financial transaction. Sometimes Mint.com got things wrong too, by misclassifying or duplicating transactions. So I’d have to correct mistakes and be extra diligent about reviewing the numbers. It was exhausting, and for us, it wasn’t making a difference for our spending.

But the biggest reason for quitting Mint.com? My financial circumstances didn’t fit with this budgeting app. As a freelancer, my monthly earnings fluctuate from month-to-month and trying to stick to a set-in-stone budget just isn’t doable. One month, I might be making five-figures, whereas another might bring $1000. I needed a more flexible tool to fit with my family’s finances.

I also just outgrew Mint.com. After establishing my career and paying off my student loans, I didn’t need to live as frugally. I moved beyond budgeting to looking at other financial factors too, such as how to start investing, whether to contribute to a TFSA or RRSP, and buying a house. I also read some articles about some concerns about Mint.com (and other apps and tools that access your information), so I decided to shut it down.

Don’t get me wrong – a budgeting app can be an amazing tool that can help you achieve financial freedom. According to YNAB (You Need a Budget), new YNAB users save on average $600 by month two and more than $6,000 their first year (!). So whether you’re looking to get out of debt, track your cash flow, or save for a specific financial dream (like a house or vacation), a budgeting app like Mint.com, YNAB, or PocketSmith can help you get to where you want to be.

But it didn’t work for me, so I took a long, hard look at my financial strategy and tweaked it. Based on my experience, here are a few alternatives to budgeting with Mint.com:

Make A Financial Plan

Research shows that 50% of Canadians don’t have a financial plan, which is shocking. Everyone needs to make a financial plan – regardless of your age, income, or employment status. This isn’t the same thing as a budget. In general, a budget serves to track cash flow and prevent overspending, whereas a financial plan is a written report that outlines your short- and long-term financial objectives and priorities and sets out a path to achieve them. Budgets and financial plans work best together, but each serves a different purpose.

Surprisingly, you don’t have to hire a pro to make a financial plan. I created my own! The first part of the process involved thinking about what mattered most to me. Did I want to pay off my mortgage early or invest the extra cash? What made more fiscal sense: a TFSA or RRSP? Should I prioritize saving for my son’s education or my retirement? After getting my act together, I then scrutinized my assets and liabilities and calculated how much I’d need to reach my short- and long-term goals. Through this process, I learn that if I wanted to retire before 65 years of age, I needed to make investing my top priority. It was a very valuable exercise and my financial plan informs my budget.

These days there are even apps to help you plan for your financial future, like PocketSmith, an app which lets you use your financial history to forecast up to 30 years into your financial future. You can use Pocketsmith to plan for major goals like homeownership, debt freedom, or early retirement.

Sign up for PocketSmith and get 50% off a monthly Premium subscription for the first two months!

Follow the 50/30/20 Budget Rule

Mint.com didn’t work for me, but the 50/30/20 budget rule did. If you haven’t heard of it, the concept is simple: allocate 50% of your net income for needs, 30% for wants, and 20% for savings.

As a freelancer, this rule worked amazingly well because it didn’t require me to stick to the same rigid budget every month. It accounted for my erratic earnings and allowed me to “pay as I go” into my savings account. All I did was open a Tangerine chequing account to hold my “needs” cash (which stayed constantly at 50% of my after-tax income), and two Tangerine savings accounts for “wants” and “savings” dough. I chose to bank with Tangerine because I can have several accounts without paying any fees. Plus, Tangerine offers respective interest rates, making it one of the best high-interest savings accounts in Canada. I’ve been using the 50/30/20 budget for the past year, and I can attest that it’s worked well for me. All my bills are paid, and I have money in the bank for emergencies, retirement, and even a family vacation.

The lesson here: start a 50/30/20 budget and watch your money pot grow!

Learn more about Tangerine

Switch to a Robo Advisor

Once I nailed down my financial plan and budget, I took a long look at my investments. The first thing I did was open an investing account with a robo advisor. Robo advisors use automated technology and intuitive questionnaires to design a portfolio that matches your risk tolerances and is optimized for your investment horizon. Most robo advisors in Canada use low-cost ETFs to build your portfolio, and they rebalance automatically on your behalf. Robo advisors are also a heck of a lot cheaper than using a financial advisor, putting more money back into your piggy bank. All you need to do is sign up and start making contributions.

There are many excellent robo advisors in Canada that will provide you with a preset investment portfolio based on your financial needs. Some robo advisors even offer additional financial planning services and will pay your transfer fees if you are moving your money from a financial advisor.

Exclusive: Get $50 when you open a Wealthsimple account!

Automate Your Savings and Investments

Budgeting apps are great for monitoring your cash flow, but you know what worked better for me? Automating my finances by setting up Overflow by Wealthsimple. A free feature offered to clients, Overflow automatically invests extra money from my bank account into my Wealthsimple Invest or Cash account. All I have to do is set an amount of cash I want to keep in my chequing account. Once a month, any money on top of that amount will be automatically deposited into my Wealthsimple investing or high-interest savings account. After the initial set up, I don’t have to do anything except watch my savings grow.

Find the Right Financial App

There are oodles of apps out there, and you may just need to find the right one for you. There are financial apps geared to help reduce debt, increase your investment contributions, or supercharge your savings.

Case in point: although Mint.com didn’t jive with my life, an automatic savings app like Mylo made more sense since investing is my top priority. Every time I make a purchase, the app rounds up to the nearest dollar and invests the change.

For financial planners, PocketSmith enables you to do everything from calculate your net worth and create a profit/loss statement to run test financial scenarios and making financial projections 30 years into the future. All from your phone!

There are even apps that allow you to earn money! Yes, this is a thing: Paymi puts cash back into your pocket simply by shopping at any of their retail, travel, or restaurant partners. How it works: just connect your credit and debit cards to the app and then go shopping. Every time you spend money online or in-store at one of Paymi’s partners, you’ll get cash back. The app automatically tracks what you’ve earned and adds it to your Paymi account.

KOHO Visa is also getting rave reviews. It’s pretty ingenious: it’s a free pre-paid, reloadable card and integrated app that gives real-time insights into your daily spending. It functions like a chequing account but with the benefits of a credit card, even giving you cash back on all your purchases. However, unlike a credit card, you’re not using credit. So you’ll likely be more careful with your spending and save more money. In fact, the average KOHO user saves roughly 7% of whatever money they load into their account. Best of all, this financial app is free!

The bottom line: do your homework and find a financial app that works for you. Check out our round-up of the Best Budgeting Apps and Budgeting Tools.

Sign up for KOHO with YOUNGANDTHRIFTY promo code

Get a Rewards Credit Card

You know what put money instantly back into my pocket? Getting a rewards credit card. I finally clued in that all my everyday credit card spending could be put to good use. Now I’ve got a range of plastic in my wallet to serve every purpose: from travel rewards credit cards to cash back credit cards to low interest credit cards (because as a freelancer, I sometimes need to carry a balance during a slow month).

Since I travel a lot for my job, I also added one of the best Aeroplan credit cards to my collection. Now, I earn Aeroplan Miles for every $1 that I spend, which I can cash in for flights, travel (hotels!), merchandise, tickets, and other stuff. All of this saves me money, which I can funnel back into my savings and investing accounts later.

Last Word: Is Mint Safe?

Another big question: Is Mint.com safe? It’s true that Mint (and other financial apps) need access to your banking and personal info to function. There was a lot of fuss about privacy and security issues when Mint and other apps hit the market, but the hype has quieted down quite a bit. After all, Mint.com is owned by Intuit, the same company that produces financial software essentials  Quickbooks and TurboTax. Things have changed since the early 2000s, and these companies have invested a lot in security and ensuring that your privacy is protected. That being said, most of Canada’s banks don’t approve of financial apps that access your banking info, so bear that in mind. It’s a personal choice, and you’ll have to decide how comfortable you are with a third-party app accessing all your sensitive info.

Nonetheless, financial apps like Mint.com can be a godsend – so long as they suit your circumstances. But you shouldn’t rely on one thing to make your dreams come true. The best thing is to diversify your strategy, and use a multitude of tools. Creating a realistic and actionable financial plan and budget that work together is the first step. Then look at adding technology and tools to help you achieve your goals. If you can do that, you’ll be well on your way to success.

 

Disclaimer: Young & Thrifty has entered into a referral and advertising arrangement with Wealthsimple US, LTD and receives compensation when you open an account or for certain qualifying activity which may include clicking links. You will not be charged a fee for this referral and Wealthsimple and Young and Thrifty are not related entities. It is a requirement to disclose that we earn these fees and also provide you with the latest Wealthsimple ADV brochure so you can learn more about them before opening an account.

 

Article comments

88 comments
Prentiss Kent says:

Wonderful article, Lisa. I’m considering leaving Mint as well. Mainly because my finances are becoming a little bit more complex. When I started using Mint in the past, I had debt and needed to know where my money was going. The budget feature was great at that. Granted, I had to create some of my own categories to fit my needs. I get Michael Dodd’s comments about banks categorizing expenditures for you but I still prefer the personal touch. I buy a calculator and call it school supplies and the bank calls it electronics. Not a big deal except school supplies are tax deductible in the US and regular electronics are not. When I got rid of my debt and started to do more investing, that’s when I started feeling growing pains. The investing portion of mint is not great. I can get better information from the brokerage website. If your doing a side business, you can’t do a profit and loss statement. Not to mention tax reports. You have to “fool” the Mint program and export information from the budget one category at a time to Excel to get a good report. What I wish is for Mint to polish the existing program but offer Mint Pro for entrepreneurs, investors, and tax filers. I know there would be a fee but being able to convert withing the Mint arena would be a lot easier than starting from scratch.

Michael Dodd says:

Mint.com is becoming less relevant. Most banks are now categorizing your expenditures for you (Granted automatically) and offering a way to browse those categories to see where you are spending your money. (Chase just quietly started to let you browse for debit card, but Credit cards have already been there). The only thing Mint seems to offer is that it lets you see all your assets in one place, but if you do your banking at one place, your app will show you this too. It also is more pro-active in warning you, that you are going over-budget. I think Quicken was a better look for intuit in the long run, unless Mint.com can re-invent itself, banking apps are catching up, and will soon make it obsolete.

Flying Piloswine says:

I disagree with your sentiments. It is financially irresponsible to say “I outgrew budgeting.” Everyone needs a budget. If you dont think you have one, you are relying on your monthly psychological patterns for how much money you spend per day, and you are getting lucky.

In addition, if you are spending an hour a day reviewing mint, you are using it incorrectly. Mint should be checked at most once per week, and only to organize its mistakes (you can set permanent rules to fix these mistakes automatically by the way).

Mint has its issues, but it is the best free automated budgeting app I have used. At the end of the day its just software, and the security of your account is up to you. Most security breaches happen because of bad internet use habits

Lisa Jackson says:

Hi there,

I am definitely a fan of budgeting, and everyone should have one. I never said, “don’t budget.” Mint.com just didn’t work for me once I started freelancing full-time. No judgement on the software itself, as I’m sure it super handy for others, like yourself.

As I said, I’m now using the 50/30/20 budget, which works fabulously for me and my family. It’s just a better fit for us.

If Mint.com works for you — that’s great! Everyone is different. To each their own!

Lisa

Bob Cooper says:

I have just deleted Mint because of poor customer service in resolving my issue with connection issues they admit to having with many banks across the country. In addition, they only use chat lines for customer support and their tech support is poor and can’t understand the company’s connection problems.

Fenty Rayess says:

kloviaclinks com tools came to my rescue and saved me at the very point of my need by sending $75,000 to me few hours ago. I am so grateful to them.

Art says:

I love the idea of Mint, however they should be using API keys. Accounts are only as secure as your password and by linking your account between Mint and the bank you are litterly handing over your full username and password to your bank web services. You lost me here. If this was one way only as they say, you should have my login credentials to login into my bank account. That info gets out, you are fawked. With API keys, you can’t do anything!

AOL says:

Quickbook and Waveapps connect to the bank accounts and download transactions to perform accounting function.
It’s unavoidable if you want to run your business without having to manually record all transactions in Excel especially if you have hundreds of transactions a month.

Julie T. says:

BEWARE because if you only have a single bank set up on mint.com, but have different types of accounts (checking, savings, loan, visa, etc.) with that one bank, AND you delete just one of those accounts YOU WILL LOSE ALL THE DATA FOR THE OTHER TYPES OF ACCOUNTS! I found this out the hard way, and lost everything. (FYI – the account I deleted was at the bottom of my list, and may have been the first account I set up. Don’t know if that made a difference).
I would have expected an error message, telling me this would happen. Wouldn’t you?

Tyron says:

Given all your (good) reasons to not provide security credentials to the third-party, isn’t it the perfect time to start pushing banks to allow us create “read-only” type of credentials? Mint only needs to read data from the bank account. I would be comfortable with providing Mint with a user/password that would not be granted rights to move money around or pay bills; just read accounts statements.

Venky says:

@young, I signed up for mint a week ago . I am curious how does other budgeting softwares like YNAB and Quicken work. They would do the same thing to import the transactions from the bank. Is it not ?

AC says:

Hi Katya,

I think if you changed the login passwords for your bank accounts, it would have prevented Mint to access your accounts.

i also broke up with mint. thanks for your well researched article. unfortunately for me, MINT has refused to break up with me! i closed my account several years ago, and then noticed they continued to send me weekly emails about my spending habits. at the time my bank account was still linked so the numbers were changing every week. i was disturbed to discover that, because my MINT account was closed, i could no longer go in and stop the auto emails. i tried to contact customer service a few times and they never got back to me. (again, probably because my account was closed?). So I had to re-open my account and eliminate my bank account info, and close it again. what to my distress, i am still getting the weekly emails, this time without any dollar amount, just zeros. i have tried contacting customer service and nothing. so i just delete the emails as they come in. i hate MINT with a passion for not letting me break up with him.

URDRWHO says:

Just keep putting all your finances online, just keep doing it and I lay money on the table — there will be a day it will be hacked. All your info that laid on that could server is gone, in the hands of someone in a foreign land.

Let me keep my information on my computer, with the password stored safely inside my little head.

Doug Mehus says:

Johnny, Jason, et al.,

The fact that you may have received a spam/scam e-mail purporting to be from Mint.com is most likely wholly unrelated to your recent sign-up(s) with Mint.com. Spammers, and scammers, purport to represent all kinds of companies, from major banks or credit unions to companies like PayPal, eBay, and Mint.com being common targets of such misrepresentations. You really should forward such e-mails to the legitimate companies’ security departments for them to flag and be aware of instead. 🙂

Cheers,
Doug

Johnny says:

Just right after I registered my account with mint.com by using my email address and cellphone# I received scam text from scam phone# that I received money and the link for me to deposit into my account. After this happened, I deleted my account, changed passwords for my 2 banks.

Same thing happened to me when I just subscribed to Netflix then few days later I received an email from fake Netflix to update my payment info.
I think these scammers are working in those companies (even if contract working outside).

Doug Mehus says:

G. Champagne, that’s correct; however, most Canadian banks and credit unions are now offering their own personal finance tools, either in-house or through third parties but mainly the latter. I’d argue that they’ve effectively invalidated their own argument against Mint.com otherwise it is tantamount to unfair competition by giving preferential security guarantee status for their own service. 🙂

I’d still recommend people NOT tell their financial institution if they’ve used Mint.com, if their bank account is compromised. Mint.com cannot disclose your account to them if they ask. Moreover, it would be nearly impossible for them to find this out. Just tell them you DON’T use it if they ask.

Cheers,
Doug

G. Champagne says:

People in these comments don’t understand that the problem isn’t that with Mint.com informations, hackers can get your account’s info. The problem is that if your bank account is hacked and they find you have a Mint.com account, you get reimbursed ZERO DOLLARS, even if the hack has no connection to Mint.com because you gave your PIN to a third party. Same as if you admit your wife/husband knows your PIN, you get zero dollars.

THAT’S the problem.

kotoula01 says:

My son signed up for mint and had $1200 stolen out of his account thru a mint hack in Calgary. The bank would not reimburse him so he was just out the money. I wouldn’t use mint because I know someone personally who has been hacked. Luckily that account didn’t have more or he would have lose more.

sthomas says:

I’m considering using Mint but want to get some more information before deciding. Can anyone give me an opinion on how safe they think this would be when linked solely to a credit card? I exclusively use my CC to make purchases (I get cash back, +more secure) but I’m not sure who would be responsible in the case of a data breach, my cardholder or Mint.

Also, can anyone tell me what sort of fees they racked up by using Mint? Thanks!

Anthony says:

This is a non-issue with strong passwords. If you don’t use password managers like LastPass or Dashlane to generate strong passwords and get your bank accounts hacked, it’s your fault.

I’ve been using Mint since 2011 and have never had a security issue.

Enjoy Mint.

Brian Clendinen says:

A mint breach would actually not be a big deal if my banks offered physical security token authentication for any withdraws that were not done via check or atm card. That way even if they were able to log into my account they could not transfer any money unless they someone broke the banks servers which kept my specific security token (or physically stole my token). I would pay extra ($50 to $60 a year but not over $100 a year) for this service but only very large account holders and business are given this option in America. I have been told this it normal practice for consumers in European banks. So its really the banks fault that they suck and don’t allow me to have extra security even though they could charge me for it.

alon says:

When a user is required to sign up to the company web site and hand over his/her account numbers, user name, password etc …it raises a major concern about security and data usage.
I believe that perhaps private information should remain private and not stored or viewed by anyone else than the actual owner of the information.
That is why i use Geltbox money – it doesn’t use any third party Aggregation site.

Suzanne says:

Doug is right. Banks would rather you use their dashboard and import all of your other accounts to their convenient PFM software because they will use the information to market products to you. I know this because I work for a bank and just sat through a demo of software that would give that capability to our marketing department.

Doug Mehus says:

The curious thing about the “Big 5” banks and/or major credit unions that loathe personal finance apps like Mint, which I have no problem with so long as they can prove they meet strict security standards in terms of usernames & passwords at the same or higher level than the average of the “Big 5” banks and/or major credit unions, is they’ll launch similar personal finance-consolidating “tools” that sign in to your external bank accounts to consolidate your personal finance information into a single “dashboard” (i.e., BMO, RBC and First West’s various divisional “brands” all offer this service, among others). Aren’t they “compromising” your banking agreements with other financial institutions? If anything, I think that should mean Mint should be an appropriate exemption from that section of one’s banking agreement – or at least a valid argument in court should a consumer be forced to sue their bank that would deny reimbursement for fraudulent activity on their account. 🙁

Brian says:

I feel you. Now that Mint.com added bills, I’m outta here. I.e. They went from the relative safety of read-only to murky land of read-write. On a side note, I have yet to find a local application that acts like Mint with regard to online accounts. Most of the software out there is ledger software and I LOATH ledger software. I want a solution that simply shows my current balance from my bank and uses the transactions simply for budgeting.

Peter says:

This article applies only to Canada. In the US, under federal regulations, banks are liable for any unauthorized spending even if the user transmits the login information to a third party as long as the user did not authorize the third party to conduct transactions.

Doug Mehus says:

First, in the interest of full disclosure, I don’t use and have never used Mint. However, I think it’s a valuable, easy-to-use and time-saving personal finance tool that should not be discounted and to which I’m warming.

The issue I’d had was, by giving your username and password for a bank account, regardless of their security practices (which seem as good or, in some cases, better, as they offer optional two-factor authentication, than the major banks) , you may be invalidating your “security guarantee” with your major bank. However, as I understand it, RBC’s own internal “RBC Finance Tracker” and many credit unions’ money management tools use a “third-party service to aggregate” your balance and transaction histories from your various external bank accounts once linked. This is the same as Mint so I’m not sure their argument holds any water anymore if they’re doing the same. Similarly, they also partner with SecureKey Concierge and the Government of Canada to use your online banking sign-in details to access Government of Canada services. It’s a bit different but, nonetheless, similar.

Moreover, even when I worked in the bank, I would occasionally tell people that happened to use a money management service such as Mint and happened to have their bank account compromised, to just tell the bank they didn’t use any service such as Mint if asked. It’d be extremely difficult to prove and, so long as your bank account was legitimately compromised, you should have a right to have the funds reimbursed by your bank at its expense. No?

Cheers,
Doug

nancy says:

We used to LOVE Quciken until it sold. 2016 is a disaster, no support, just the same thing over and over. Will update, then it won’t. Crap software. Anyone using Wifi on their PC or other device can be hacked. I NEVER make purchases on a phone, for instance, too easy to hack. Quicken needs some good competition. Sadly none’s there. I may try Mint, as others rated it pretty good.

Jim Somerville says:

This should be a technical solution. OAuth2 is a mechanism that most tech services like Google, Microsoft, Facebook, etcetera utilize for a user to allow a third party to access content from their site. User credentials (username/password) are not stored or entered in the external site, permission must be granted by the end user, and permission can be revoked by the user at any time.

In this case, it would be the banks providing OAuth2 capabilities for integration with Mint. Banks probably do not want to create this capability. They would blame OAuth2 for not being sufficiently secure. But, this is likely a red herring argument to disguise the real reason: banks want you visiting their sites so they can sell you new services.

theSPOOLER says:

The banks that provide a read only password sound like a great idea.

For those that don’t, it seems to me simply changing your banking password after adding an account on Mint will mitigate any issues. If the banking username/password is truly only provided to authenticate who you are (like showing your driver’s license or passport), once the token (unique number that lets your bank trust Mint) has been saved by Mint, your password should no longer be needed to pull your banking data into Mint. Now you can sleep at night.

Ev says:

The article makes no sense, whenever it was published. Banks have for years now made it so that computers that previously haven’t accessed a bank account require a 2nd form of authentication. In other words, I could list all my financial institution’s passwords online and it wouldn’t make a damn bit of difference, as someone logging into a bank with those passwords will be required to enter the 2nd form of authentication (e.g. enter a code from a text message to an pre-authorized phone, answer a security question, etc.). So unless you’re dumb enough to have a security question whose answer is easily searchable online (like your birthdate), then basically Mint isn’t any more of a risk than keeping your passwords on your computer, which can frankly be a lot more easily hacked than Intuit. By a long shot.

Alejandro Martinez says:

I’m no conspiracy theorist, but then again I’ll be right now… because it’s been a long time and I see no progress.
The easy way to remedy this is to have a read-only password for your bank accounts, a password that cannot let you use your account, only “see it”, this password is the one that should be given to Mint.com not the full access send, wire, pay bills password.
Easy fix, no advancements on that.

Angela says:

Hey! Does merely closing the mint account resolve the issue with the banks so that you become protected for fraud again? Or are there any further steps you must take?

MrSLM says:

Found this post while searching for mint finance Canada 🙂 I’ve seen the service recommended time and time again by bloggers, and even by some coworkers, but having a setup where one site knew all my passwords and info felt a bit like playing with fire. I can probably whip something up in python to automagically sort everything, it’ll just take some time and effort.

Anthony Cho says:

Juliette,

That’s interesting because I’m using Tangerine chequing/savings/TFSA accounts on my Mint account and they’re owned by Scotiabank.

Can you share the URL where I can find more information about the Scotiabank’s statement for my own reference?

Thank you.

I wanted to adopt Mint but I found out it doesn’t synchronize with Scotiabank bank account. Considering the bank publicly said that it found Mint risky for all the reasons you mentioned in the article, I’m assuming they aren’t trying to fix the glitch.

So I canceled the Mint account I had just opened, and I’m back looking for a good budgeting software!

Laura says:

Note that in the Privacy Statement mint.com can “at their sole discretion” turn over your account to any law enforcement or regulatory agency. Just because you have nothing to hide does not make this violation of the 4th Amendment okay. Check out the documentary “Terms and Conditions May Apply.” I’ve been using Mint to figure out my financial situation after a separation, but I don’t see how it makes sense to continue with Mint.com with such a one-sided (“screw the user”) privacy policy.

Anthony Cho says:

4/27/2016

I’m still using Mint despite the irky privacy statement below. I’m not concerned about security issue at all (I update mine every few months), but I’m more concerned about their transferring customer data to an acquiring company if they’re sold.

“If Mint or its assets are acquired by another company, or in the event of a merger, consolidation, change in control, transfer of substantial assets, reorganization, or liquidation, we may transfer, sell, or assign to third parties, information concerning your relationship with us, including, without limitation, personal information that you provide and other information concerning your relationship with us. Such 3rd parties will assume responsibility for the personal information collected by us in connection with our business operations or through our Sites and such third parties will assume the rights and obligations regarding such information as described in this Mint Privacy Statement.”

robmausser says:

@Schultzter

Mint does not have your passwords. They have a unique, unencryptable hash key that was created by your bank account in order to connect Mint to your bank.

You enter your login information with your bank, and your bank sends a unique API key to Mint.

That API key can only access certain bank info in a read only format. It can’t be used to get into your account.

Mint never stores your passwords for your bank.

Do you really think your bank would let a third party app have this information?

Dylan says:

Sorry, but this isn’t always true.

When I signed up to Mint a while back I tested this theory:
1. Enter your bank details into Mint.
2. Wait until Mint syncs your transactions (to make sure everything is working).
3. Go and change your banking password.
4. Whoops!! The Mint sync is now broken (because Mint is using your old password to try and connect).

Note: This isn’t true for all banks. There is such a thing as “open banking” which is a push to get more banks to supply a read-only API keys that can be used by companies like Mint to connect to your bank. However, as of 2020 this isn’t in widespread use by most banks (at least in my country).

Richard says:

Dylan, I think the bank has to invalidate the token if you change your password. Otherwise, the company using the token would have access forever.

mint user says:

This concern is completely mitigated if you use banks that have a “Saver ID” like Capital One 360 (previously ING). They offer a unique password that only allows read only access to your bank. This is the code you give Mint instead of your real password so your money is in no danger.

J Randomme says:

Hang on a second. You say your accounts will be wiped dry, and then you say “However, once they get in, they won

Schultzter says:

It’s two issues I think:
1. The Mint web interface won’t let you do any thing (read-only) but Mint has your passwords, so if some one hacked the Mint server database and got your password they could then log into your actual bank’s web site and conduct transactions.

2. If they only got into your Mint account they would still be able to gather enough personal information to then call your bank and impersonate you. Things about your bank account that should only be available to you via the bank’s systems (web, ATM, statements, etc) but are now on Mint too because they copied it or you entered it.

For me the killer, no matter how good Mint’s security is, is that your banking agreement makes you liable if you give your password to anyone else. If the bank is hacked then at least my money is insured, but if Mint gets hacked I doubt they are insured and I know I definitely don’t have insurance against Mint getting hacked.

J Randomme says:

Thanks for clarifying, and the author needs to hear that this IS a fantastic article (great work, really), but the mere ‘read-only’ access was confusing in the context of a security threat of accounts being ‘wiped’. Again thanks for the response. As a freebie, some personal insurance/renter’s insurance packages in Canada now include e-theft/ID-theft coverage. Where your bank will not cover you, your personal insurance may! (But it’d be subject to a deductible fee of course). I am not sure if they would have an issue with the banking passwords on third-party sites and deny you coverage however. That’s something each person would have to look into when purchasing personal insurance.

Kyle says:

That’s good information J Randomme. I may have to look into that a little deeper as an article idea!

Lee says:

What robmausser says just above. I’ve used Mint for 3 years with absolutely zero problems. Even getting passwords to my logins for bank, etc, isn’t going to do any good as I’ve taken other steps to ensure that my accounts are safe (PINs texted to my cell phone for example).

Ryan says:

I don’t have a lot of money and working on paying down debt and staying in a budget, so my risk is pretty low already.

Mint.com really helps with seeing where my money is going and the benefit far outweighs the risks for me.

c0d3m4u5 says:

You are more likely to have your bank account compromised by malware you unknowingly download to your PC or by phone and internet scams than by Mint getting compromised.

robmausser says:

There is literally zero…zero way that anyone could ever use Mint.com to steal your money.

This is because its a one way street. Mint is only allowed from the API (that is what your bank uses to add their service to Mint) to view the status of your funds and transactions. Thats it.

Now, someone could hack Mint but all they would get would be your financial history, which may be unsettling to you. But they could never get your money.

They would have to hack each of your individual bank accounts first.

I know you add your banks to Mint by logging into your bank information on that add account page, but that is being handled by your bank, not with Mint. Once you log in, your bank gives Mint a special access hash that is unique to you, your bank and Mint. Its cryptographic, meaning by itself it has no meaning, it can’t be used to hack your bank and even if they could, like I said, it only gives someone access to view your transactions.

So rest easy that its impossible on a physical level for hackers to take your money with Mint.

It would be much easier for them to do it straight from your online bank websites, which I am sure you now log into individually on your computer. If I was a hacker trying to take your money, I would much prefer this approach.

You are actually making yourself more vulnerable by using each of your online banking websites rather than just Mint!

AntiHacker says:

It is more likely that your computer will get infected while you are browsing the internet for whatever you browse for, and that your credentials will be stolen that way.

Mint and all the other budgeting apps encrypt your passwords. So even if they were hacked, now the hackers have to crack encryption to get your password.

The solution is simple people…and here it is…use MULTIFACTOR or TWO step authentication for your banks. So when you go to login, you have to use your password and another piece of information that is only good for one use. Some banks give you a little device with numbers on it that change every few seconds, other banks text you a code to your phone. Other banks only allow access from a specific IP address or a specific computer.

Meaning, you need your password, but you also need to use a one time passcode to access your accounts, or access your accounts from a specific location/computer. So even if mint.com or any other app is hacked, and they manage to decrypt the data and get your password, it is useless.

I like the comments everyone has made, and Young, you bring up some great points, i just wanted to let everyone know that there are some things you can do to lower the likelyhood of getting hacked.

Also, protect your email account. I mean, you receive statements and account info in your email right? How many of us have gone paperless? Use multifactor for your password and tell your banks to enrypt and password protect your statements when they send them to you.

Divya says:

I came across this webpage because I googled ‘mint.com for Canada’ and wanted to become a member to get a better understanding of my finances. I haven’t used any of these softwares before and I’m new to this too.
My question to you is – what are you using now? Is there something you recommend?
I read your concerns about mint.com and I agree with them; however, for now, I will create an account with it just to experience it 🙂

Cory says:

So we love using mint because it will track our expenses effortlessly

Kyle says:

I’ve always wondered why it had to be envelopes Cory. Maybe there is an app opportunity there for you?

Cory says:

Update: I’ve joined a startup and we’re making this idea a reality! Rather than overspending every month because I’m using mint, envudu gives you a card that helps you manage the money you actually have! See how much you have to spend before the end of the month (when it’s too late). Check out our website and let me know what you think! http://www.envudu.com

Ruslan says:

Absolutely valid concern, however there are banks that allow to create a read-only guest account which works great for third-party applications like Mint. I won’t name banks I know that provide such feature just not to make any awkward advertising here, but we can discuss privately.

And if there are some destructive actions made through read-only guest account (which functionality is provided by the bank), the bank is responsible for it.

That’s how I started to happily use Mint.com and plan to do so as well.

Rick says:

The really stupid thing is that there are lots of ways that something like Mint could be done without having to give it your banking password. The banks would have to get onboard with the idea that you should be able to give your info to third party websites via their website. The problem is with the banks, not with Mint. Doesn’t help those who would like to use Mint though. The thing I don’t get is why Mint doesn’t have capability to upload a spreadsheet/CSV file – it would be easy enough to create that capability, and then I wouldn’t have to enter my password, I could just download my data from my bank and upload it to Mint …

For the record, I do use Mint, but just for my credit cards and one chequing account. If those were hacked, it could be a pain, but my financial loss would be quite limited. And between those, my monthly cash flow is 100% covered, I just have to track my investment activity and net worth elsewhere (spreadsheets).

Stephen says:

I’ve been using Mint for about three years. I originally had these same concerns. But since then, my financial institutions have added the third layer of protection to their website. The third layer requires you to enter a security key or secret question if you log on from an unrecognized computer. Since Mint doesn’t have this information, neither would a hacker. Unless they were already sitting at my personal computer … in which case me and my roommate would need to have a little chat 😉

Bruce says:

UBS wants an explicit confirmation of this risk exposure now:

As per your request, you authorize and direct UBS Financial Services Inc. (“UBS”) to allow Intuit access to your OLS account. In consideration of UBS complying with your request to enroll in this service, by entering your OLS User Name and password and by clicking the box below, you agree to hold UBS harmless from any loss or damages that you may incur as a result of providing Intuit with your User Name and password, including mistaken identity, unauthorized access to your account, unauthorized use of Bill Pay, Funds Transfer and other means to transfer money and securities, unauthorized acquisition and use of your personal information by others who may access your accounts via OLS.

Bobby Smith says:

I work in information security. If/when Mint gets popped all your bank accounts won’t be zeroed out. Even if a breach occurs at a third party, if money is stolen from you, your bank should replace it and run an investigation. Fraud is fraud no matter where it comes from. I use Mint for all my information and have no intention of stopping. For those of you who are thinking you’re safer to use a homegrown spreadsheet… trust me it’s a LOT easier to get into your box then it is to pop Intuit’s servers.

Jawn Dough says:

Bobby, this is incorrect. Your card holder agreement doesn’t protect you from fraud caused by negligence. If you give away your login details to a third party, you forfeit any protection the bank offers. There was a story years ago of a Canadian who was victim of fraud and never got a penny from the bank because he admitted that his wife knew his PIN.

Jacques says:

So how is keeping your information on a spreadsheet, notebook, day-planner, quicken, or YNAB any different? It all can be considered third party.

Its simple, if you get hacked you don’t tell your bank you use Mint. Like Bobby said, it is a lot easier for a hacker to get your personal files then crack mints intense security
.

maggie says:

Hi there,

Just curious if you then took the extra step to change your bank accounts (i.e., close the old ones and open new ones). If there ever was a breach to your account, would your bank know that you had once given a third party access to your account and on that basis can they then deny any claim for stolen money? Just wondering how the agreements work in such a case. I know if you have your debit card compromised for example, they ask you whether you’d ever given your PIN to anyone.

Interesting post.

Cheers!

Peter says:

Of course banks continually like to remind Mint.com users that bank accounts are not protected from any losses due to a third party that provides an online account aggregation service. The reality, however, is that it seems that banks are more fearful of the transparancy that Mint.com brings in respect to the charges that each and every bank quietly charges their customers. Mint.com easily allows its users to see whenever a bank charges any fee.

The reality is that:

1) Intuit, the owner of Mint.com, also provides the same security software for each and every one of the banks;

2) Even if one were to hack into a mint.com account, you would have no access to any funds; and finally

3) If one were to access someone’s funds, they would need to hack into the person’s bank account as Mint.com would not provide any necessary information to access any account.

I am risk adverse as well, however, the transparency of all banking transactions and fees, ease of use and security that mint.com brings in my mind outweighs the opinion of the banks telling me that Mint.com is unsafe.

Greg says:

I use YNAB, so all fianacial info is on my computer and there are no account password details stored anywhere. I also only have one bank account since you use YNAB to allocate the money, not different accounts. Mint is simpler, buy YNAB is safer and better for budgeting.

Ron P says:

You might want to take a look at GNUcash (http://www.gnucash.org/). Free opensource software. Runs on Linux, Mac, and Windows.

Money Beagle says:

I have a spreadsheet that I have developed and tweaked over the past ten years, and it’s so customized that I know there’s nothing that could replace it. So, I never jumped on the Mint bandwagon. I can see and understand your reasons. Security is huge.

Miriam Kearney says:

I realize that this is years later and don’t know if replies to comments are sent to the commenter but I hope so. I also use a spreadsheet that we developed using some of the principals of YNAB – give every $ a job. I am confused now because the budget shows that we have money that I don’t see in the bank. We pay virtually everything by credit card and pay this off at the end of the month and everything there seems to balance. Do you have any insight you could offer as to why our budget says we have money that is not in the bank even at the end of the month? Also and this is really presumptuous – would you be willing to share your spreadsheet (sans your transactions of course)?

Sousou says:

Hi,
I was a big fan of mint until recently. I read the security policy and found out that their servers keep some of your records even after you delete your account. But I should also mention that mint notified me, way before I could notice it in my bank account, when my credit was fraudulently used.
I would still be using it if I didn’t have big investments.

Cheers!

Maya says:

My husband and I had a huge fight over using mint, I did not want to sign up for it for the exact reason you described, I just didnt think it was worth the risk.

The compramise I came up wit is that we gave them DH’s old bank account info that only had a little bit of money in it, and we linked it to all our credit cards. since 90% of our spending and bills go through our credit cards I can still use mint for our monthly budgeting. I add our paychecks and the few transactions that come from our bank account manually. It’s a little labour intensive, but it means I have to constantly be on it, which means I’m constantly checking on our spending which keeps us in line.

Young says:

@Maya- That sounds reasonable. I am reconsidering this Mint.com breakup thing and maybe just having the credit card bill on there wouldn’t be a bad idea I wonder.

Cassie says:

Nope, I’ve never used mint. While I post financial updates at the end of every month, I post aggregate numbers, so they’re of limited usefulness to someone trying to get into my accounts. Having everything laid out in detail online in one spot just waiting for a hacker hankering for a challenge? That makes me nervous to say the least. I get that some people like it, but its not for me. I have most of my account numbers memorized anyway, so it’s really not that hard for me to check my accounts quickly.

Young says:

@Cassie- I have about 80% of my account numbers memorized but then it pains me when I can’t access the rest because I can’t find my booklet of account numbers lol.

schultzter says:

I asked my bank about that a while back and never connected my Mint Canada account to my bank because of that.

Also, where are the servers located? Canada or the US? Because if they’re in the US then there’s no Canadian privacy laws protecting your information either. Never mind hackers!!!

Interestingly, RBC uses Yodlee (similar to Mint) so I assume the 3rd party disclaimer doesn’t apply since Yodlee is accessed directly through RBC’s banking site. Although the fact their servers are US-based does concern me somewhat.

Young says:

@schultzter- interesting! Never heard of Yodlee..!

Horstradamus says:

Yodlee’s database is located in Canada near Toronto; not the U.S.

schultzter says:

What gives you that idea? I couldn’t find anything on their web site to indicate where their database is located – but they offices in the US, India, Australia, and the UK, but not in Canada.

Anton Ivanov says:

The same logic can be applied to pretty much anything – digital privacy and security concerns have always been there (and will continue to always be there). Using Quicken to download your account transaction data, online tax preparation software to file your taxes, or making any online purchase is just as risky as using Mint.com.

You can make an argument that it’s a magnet for hackers, since it stores so much financial account information in one place, but banks have been targeted by attacks for decades and learned to adapt. Intuit is not a new company and I’m sure they will continue to stay on top of security with Mint and they have been with their other financial software applications.

I will be staying as a Mint customer.

Young says:

@Anton- Thanks for sharing the Pro Mint perspective! 🙂

NameWithHeld says:

Ya I tend to agree with both of you but lean towards the side of why expose myself even more..

In other words, just because a burglar can break into my house through the window doesn

Donna P says:

What if the PFM tool was offered through and secured by your financial institution? Would that make a difference?

Young says:

@Donna P- I think it would for me. As long as it’s not third party.

I stopped using Mint.com for the same reasons as you did. I really liked having all my purchases automagically sorted. However it was sometimes having problems connecting to my banks’ websites. And that security breach is just there, waiting to happen.

I now resort to an homemade Excel sheets with a few bells and whistles to track my net worth and my investments. I tried using YNAB for a while but I find it tedious. Maybe I’ll get to it seriously some day…

Gabriela says:

I canceled because both of my credit cards were hacked within days of starting the use of Mint.com. I have charges in over hundreds of dollars charged in states not even close to mine and a facebook charge of $250?!?!?! Thank goodness my banks are great and took care of everything right away. canceled mint.com account so quick.

Rob Bairos says:

Its more likely you have malware on your computer siphoning off your keyboard strokes, or shopped at some online website with poor security.
In that case, deleting your mint account would have little effect.

Brian says:

Oddly enough, you don’t seem to spell out exactly why you stopped using Mint.com, in an article titled “Why I Cancelled Mint.com.” You go into potential security concerns, but then immediately dismiss them in detailing Intuit’s apparently top tier security platform.

This article is missing a conclusion. So what is it?