The Open vs. Secure Debate: Mint.com and ING Direct won’t play nice

September 4, 2009
Posted by Ryan Graves

The Open vs. Secure Debate: Mint.com and ING Direct won’t play nice

2452639579_e165388718

I am a huge fan of Mint.com for managing and aggregating my accounts, I have the Mint.com application on my iPod touch (getting an iPhone soon) and use it all the time. I also use ING Direct for much of my savings accounts. I love the functionality ING provides of being able to split separate withdraws from my checking account directly into sub-accounts on ING. It’s super helpful when I want to keep saving generally but also need to pull some cash together for this wedding thing I have coming up…I heard they’re expensive.

Anyway, I would love to be able to feed my ING accounts into Mint for better management of them, but I’ve had some issues. They’re very strict with having all of my security questions aligned in order to feed the data to Mint.com which can be a pain, but I’ll deal with it for security. However, I recently got this response via email, from a question that I posted on Mint.com’s Get Satisfaction page (GS is a user feedback tool, if you’re not familiar with Get Satisfaction).

The email read:

“Justen replied to ING Direct account cannot be added!, a problem about Mint.com.

Just like JGB had stated previously, ING Direct does not support account aggregators strictly for security reasons. It is a security breach to have a third party accessing your information and we do our best to keep that information safe. As an employee of ING Direct, I get a lot of responses from customers claiming that they are having this issue. We are not going to set our security guard down to let a website like Mint.com access customers information. The same goes with programs like Microsoft Money and Quicken. If you need information from your account downloaded into the website, there is a place you can do so on our website. This is not a reflection of Mint.com or any other account aggregators, they may be great programs, but its just not a risk ING Direct is willing to take.”

This begs the question, what is more valuable to the customer Openness or Security?

Obviously, I need security in both Mint.com and ING Direct or I wouldn’t use their services, but all of my other banks are secure, and they play nice with Mint.com, why wouldn’t ING? I think this is obviously a fine line, but as service like Mint.com makes personal financial management easier and more productive I think banks will learn that they are likely not the best to decide what the customer experience will be. I would expect a bank like ING Direct who is entirely online to understand that their customers are comfortable with online user experiences.

ING Direct, I think it’s time that you open up just a bit and understand that your ‘online’ customers (100%) want good online banking experiences and sites like Mint.com who making banking and personal finance a pleasure are going to have to be considered. Focus on your core competency, banking, not online user experiences.

Updated: Real customer reactions & ING fighting back!

Below I’ve pasted the follow up conversation about the ING vs. Mint.com discussion. Interesting to see ING employees practically fighting with customers! Let us know what you think about all this in the comments…

Kate (a customer) replied to ING Direct account cannot be added!, a problem about Mint.com.

Justen, this is the reason I left ING. It should be the consumer’s choice if they wish to take this “risk.”

Stephen, an employee of Mint.com, replied to ING Direct account cannot be added!, a problem about Mint.com.

We have enabled dynamic multi-factor authentication support for ING Direct. ING Direct is still blocking Mint most of the day and intermittently but we have seen some improvement in connectivity. We appreciate ING’s stance and we understand their brand. We spoke with ING directly several weeks ago and we look forward to their read only PIN solution they are working on for third parties such as Mint.com.

Justen, an employee of ING Direct replied to ING Direct account cannot be added!, a problem about Mint.com.

Someone else gaining access to your account at ING Direct is not “your choice” so we are not allowing other 3rd parties to do it. If someone gains access to your account online, they have breached our security on our website and compromised not only your information but the banks as well. Its just not a risk that the bank as a whole is willing to take. I understand your situation, but it seems irrational to leave an institution that you otherwise probably had no problems with and probably gave you more (ie: better customer service, rates etc) than your local bank. Tell me another bank thats open 7 days a week 8 am to 8 pm ALL time zones across the US? They are few and far between if any other than us.

Kate (a customer) replied to ING Direct account cannot be added!, a problem about Mint.com.

Calling your would be customers irrational is hardly good customer service, and it was replies like this to my concerns on this topic that prompted me to leave. Online account aggregation is key to how I manage my finances; your being open all the time is not. If you choose to keep me from using services like Mint you can, just as I can choose to move my money to a bank that lets me manage my finances in a way that works for me. But don’t expect me to stay with a bank that doesn’t work for me, let alone one whose employees seem to think I’m irrational. But thanks anyway.

ME (a customer):

Oh snap! This thing is getting heated, I guess my blog post was pretty timely!

0 Comments

Posted Under Technology

Ryan Graves

Gotta love a good call out. Tell those turds who's boss.

Thanks for stoppin by Garret!

share flag

spam
offensive
disagree
off topic

ryangraves

Garrett

In reply to Justin's "Tell me another bank thats open 7 days a week 8 am to 8 pm ALL time zones across the US?":

E*TRADE! Pull your head out of your ass and look at your competition! Just because you're riding the first-mover wave (or maybe you copied E*Trades lack brick & mortar, no fee, 24/7 cust service business model), it in no way means your competitive advantage is sustainable!

Somebody skipped the PR course in business school...

Glad you commented, I've been thinking about this all morning.

I think this is a risk to Mint.com because it may be even tougher now to
incorporate/integrate with other big banks now that intuit owns it.

Eric

It looks like all of this discussion is a moot point now as Mint.com was acquired by Intuit. For mint.com, who always said they were anti-bank, they now have to renege on their ideals.

DFWDraco76

you bet - thanks for posting this! I tweeted about it earlier this morning: https://twitter.com/dfwdraco76/status/3932692266

I have to agree with the point you've made here most: "There's no reason ING
an't provide the good security that all customers expect, while at the same
time providing the same functionality and access that have become "industry
standard"."

It seems to me that since almost every other bank has been able to make this
work and keep things secure it must be an ING problem. However, I'm not
ready to leave them yet, I will wait also.

Thanks for chiming in!

There's no reason ING an't provide the good security that all customers expect, while at the same time providing the same functionality and access that have become "industry standard".

If I thought for a second the security of my accounts were compromised by Mint's read only access to them, I'd never have allowed it in the first place.

I also just joined the conversation at http://getsatisfaction.com/mint/topics/ing_dire... ;-)

Given Robert Weaver's more polished reply, I'll probably just continue to wait and see what happens.

Thanks for the post! I just sent an irritated complaint to ING about this very issue, since Mint has been unable to update my account with them for 3 days. It's odd to me how intermittent this thing is -- sometimes it updates "normally" for days and weeks at a time, then other times I'm just cut off.

Yours was the first Google hit when I searched on the error Mint shows me.

If this is ING's stance, I, too, may consider taking my money elsewhere.

I agree, I would commend ING for taking such a pro-active approach to this
issue, however, I do think their may need to be a little more consideration
for how the users would like to use their own data.

I'm sure ING has insurance on security breaches, it would be interesting to
see if their were insurance policies for multiple entities sharing data such
as Mint.com & ING Direct...

Thanks for the comment Eric!

Good for ING Direct. They have to take a pro-active response to any third party that can access their customer's data. If there were a breach (a la Rudder.com), then ING Director would be the responsible party whose name would be dragged through the mud in the press. Secondly, I feel any company should concentrate and put an emphasis on the web user interface as it is quickly becoming the main touch point with customers even if it isn't the specific business they are in. This is especially true with ING Direct who isn't built on a typical 'brick & mortar" FI model.

I've never heard of it, and unfortunately I don't deal with large enough
sums to require such security. :)

Allen Penn

Does anyone's bank account current have multifactor authentication (e.g. usb fob required to plug in, along with user name/password for login?) Would you use this if it allowed additional functionality (e.g. larger transfers, interaction with aggregators, etc?)

Wow- Thanks for chiming in, I definitely think it's something that ING needs
to consider.

Any ING employees want to chime in on the conversation here on the blog?

find-ING another bank :)

And this is why ING just lost my business today...

http://getsatisfaction.com/mint/topics/ing_dire...

It's my money. I am doing *them* a favor by storing it with them. They profit from this. If they can't offer the services I need, it's a competitive landscape and there are plenty of other banks who can.

THE DREAM IN ACTION

By Ryan Graves

The Open vs. Secure Debate: Mint.com and ING Direct won’t play nice