Tue, 08 Apr 2008
Geezeo, Mint, and Wesabe
I took some time over the weekend to experiment with the three personal finance web sites I discussed in my last entry. That changed my perceptions. Although I still have high hopes for Wesabe, I find that requires the most work to use, currently.
Mint appears to be the most useable out of the box.
It did the best job of assigning useful names to the transactions I downloaded
and giving me some immediately useful information.
Geezeo had support for more of my accounts than the others. My biggest complaint about Geezeo should be easy to fix on their part: all the transaction names are in UPPERCASE. Yuck!
None of the sites handled all of my accounts. I use
thinkorswim for stock and options trading and was
unable to add it. Mint actually had an entry for thinkorswim when I searched
for it using the Add Account
feature. However, after providing my thinkorswim
username and password and watching the connection progress, Mint gave me the
disconcerting error message:
This just isn't going to work.
I have access to three checking accounts through my bank's website: my
personal checking account, my business checking account, and my daughter's
checking account. Of the three, I only want my personal checking account
aggregated. Only Wesabe allowed me to make that selection. Mint lets me
hide
the other two accounts, or mark them closed
, but not until it has
downloaded transactions. Geezeo let me delete accounts after the initial
import.
Here's a short list of pros and cons as I see them:
out of the box.Once you've renamed a transaction, the name is applied to similar transaction on subsequent, similar transactions. However, manually assigning names to each new, unique payee is time consuming and cumbersome.
It's worth noting that Wesabe has a very different security model from the other two sites. All three sites claim they do not store your sign on credentials for the various accounts they integrate. Mint and Geezeo don't store them—they pass them to a third party that does store them. Mint uses Yodlee and Geezeo uses CashEdge. Wesabe provides browser plug-ins that let your PC establish connections to your banks then feed the data to Wesabe—your credentials are stored on your own PC.
Since Mint and Geezeo ask for your credentials and pass them to a third party, you have to first trust Mint and Geezeo to abide by their security policy and never save or use your credentials. You also have to trust the third party providers they pass the credentials to, Yodlee and CashEdge. The security policies of all involved are disclosed and explained. I have no problem trusting them, but it does require trust.
The advantage of this approach is that it makes features like Mint's email notices possible. Mint can access your bank data even when you're not logged in. Getting notices about transactions that have cleared the bank when credit cards payments are due, without signing in, is a useful benefit.
With Wesabe's approach, you need to trust the plug-ins they provide. For the truly paranoid, and technically capable, that should be possible. It would require monitoring just what gets passed to Wesabe. I'm willing to trust their security policy and believe they aren't capturing my sign on credentials. On the other hand, I'm not sure having my credentials stored on my own system and using a plug-in is any safer that passing them on to Yodlee or CashEdge. It just seems more likely to me that some browser bug or flaw in the Wesabe plug-in might eventually be exploited, than Yodlee or CashEdge being hacked.
This is still a new application area and there's no clear winner, yet. If we could pick and choose the features of these three sites we would have a very attractive application. I'm sure we'll see a lot of progress with all three in the near future.
About this weblog
This site is the personal weblog of Marc Mims. You can contact Marc
by sending e-mail to:
[email protected].
Marc writes here about cycling, programming, Linux, and other items of personal interest.
This site is syndicated with RSS.
Archives
Credits
CSS stolen from Tom Coates who didn't even complain.