Web 2.0 inches towards financial institutions (while the clueful inch away)

In my mind, one of the defining characteristics of “Web 2.0” is the idea that a website should be a forum for users to create and share content they care about. It isn’t about technologies (such as AJAX, CSS, and tags), it’s about the user model.

The first foray of Web 2.0 that I’m aware of is Wesabe. The gimmick behind it is that it watches your accounts at various financial institutions, and provides you with a common way to browse all of those accounts. Their privacy policy states that the good people of Wesabe will happily sell an anonymized version of your financial history to third parties. In return, users get to pay for the privilege of seeing their account information aggregated into one place, and they get to see tips that other users write.

It’s a nifty idea, but I’m not entirely sure what’s in it for the user. When I originally heard about the service, I assumed that it was aimed more at investing, rather than personal account management. What kind of tips can people give me? The demo shows really enlightening stuff like “Don’t shop at Trader Joe’s when you’re hungry!” and “Keep a tally of the cost of the stuff you put in your cart!” Granted, those are only placeholders for real advice that will come from users, but still, I have a hard time seeing how the advice could be that much better.

On top of the $5 a month that the user is supposed to spend so that they can see little bar graphs of their expenditures, the user must also give Wesabe access to their financial accounts. The weird thing about Wesabe is that the account monitoring is performed on the user’s machine. The user installs a program on their box, which they feed with their account details. The program hits the websites as requested, before dumping the semi-anonymous and (theoretically) secure information onto the Wesabe server. Although this probably makes the user feel good (“Hey! My account details stay on my home computer!”), I suspect that the average home machine is probably much less secure than a well-run corporate data centre. Then again, I wouldn’t trust Wesabe to store my financial details any more than I trust my home machine to store them.

Regardless of where the data is kept, it’s ripe for wholesale theft. In the case of being stored on a corporate server somewhere in the middle of nowhere, the attacker would have to be technically knowledgeable about the defending infrastructure. In the case of being stored on users’ machines, the attacker needs to be able to craft a virus or worm capable of looting that data. In either case, once the data has been stolen, it’s up to the users to play damage control. If half of your savings suddenly disappear out of your account, too bad: it’s your problem, not the institution’s or Wesabe’s.

I guess it comes down to this: what are little bar charts and brain-dead tips worth to you? What portion of your current bank balance? How will your bank react when you tell them that you shared your account information with an anonymous company that accepts no responsibility for the problems with their software? Will they say “Shucks! That $2k that was just wired out of your bank account wasn’t worth much to us! Here, have it back, and here’s an extra $1k for being a Web 2.0 kind of person. Go buy yourself a new iPod, you crazy hipster!” or will they say “That violates the usage agreement of our service. We accept no liability for your losses. Your willingness to give away financial information indicates that you’re a bit of an idiot. Would you like to sign up with our brokerage?”

Financial institutions should provide two kinds of electronic access to accounts: read-only access to records, and owner access to control monetary transactions. Each would require a separate username and password. That way, services like Wesabe could still charge users to read their own records, without exposing the folks that use those services to risk of theft.
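
One way to model the two access levels proposed above, as an added example rather than code from this post or from any bank: a toy `Bank` class issues separate logins whose sessions carry either a read scope or read plus transfer, so the credential shared with an aggregator cannot move money. All class, user and password names and all amounts are constructed for illustration.

```python
import hashlib
import hmac
import secrets

READ, TRANSFER = "read", "transfer"  # the two access levels the post proposes

def _kdf(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Bank:  # toy single-account bank; every name here is hypothetical
    def __init__(self, balance):
        self.balance, self.history = balance, []
        self._logins, self._sessions = {}, {}  # user -> (salt, hash, scopes); token -> scopes

    def add_login(self, user, password, scopes):
        salt = secrets.token_bytes(16)
        self._logins[user] = (salt, _kdf(password, salt), frozenset(scopes))

    def login(self, user, password):
        salt, stored, scopes = self._logins.get(user, (b"\0" * 16, b"", frozenset()))
        if not hmac.compare_digest(stored, _kdf(password, salt)):
            return None  # unknown user or wrong password
        token = secrets.token_hex(16)
        self._sessions[token] = scopes
        return token

    def _require(self, token, scope):
        # The scope is looked up server-side from the token, never taken from the caller.
        if scope not in self._sessions.get(token, frozenset()):
            raise PermissionError(f"{scope} scope required")

    def statement(self, token):
        self._require(token, READ)
        return list(self.history)

    def transfer_out(self, token, amount):
        self._require(token, TRANSFER)
        if not 0 < amount <= self.balance:
            raise ValueError("invalid amount")
        self.balance -= amount
        self.history.append(("debit", amount))

def demo():
    bank = Bank(2000)
    bank.add_login("owner", "constructed-owner-pw", {READ, TRANSFER})
    bank.add_login("owner-ro", "constructed-ro-pw", {READ})  # shared with aggregator
    ro = bank.login("owner-ro", "constructed-ro-pw")
    try:
        bank.transfer_out(ro, 1900)
    except PermissionError as err:
        return bank.statement(ro), bank.balance, str(err)
```

With this split, a stolen read-only credential exposes the transaction history but leaves the balance untouched.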

7 Responses to “Web 2.0 inches towards financial institutions (while the clueful inch away)”

  1. 2006.Nov.21 @ 02:30

    Hi,

    I’m one of the founders of Wesabe, so I thought I’d respond a bit and make the company a little less anonymous. :)

    First, I agree that our privacy policy needs to be improved, but nowhere do we say that we’re selling anyone’s data. We’re not. We say that we share aggregated data, which is true: any user can get it for free on any page we host. *None* of that data is personally identifiable — we don’t say “Josh shops at grocery store X and has $2,000 in debt.” Instead, we say that the average checkout price at Safeway is $X and Whole Foods is $Y, so you can compare what you might expect to spend at different stores. Safeway and Whole Foods are probably obvious, but when you’re comparing auto repair shops, knowing the average price and the satisfaction rating from prior customers gives you good data to choose the shop you want.

    While our privacy policy needs a revision, there’s nothing nefarious in it — it just needs to be more clear. Our “Data Bill of Rights,” though, is perfectly clear and unambiguous — take a look:

    http://www.wesabe.com/page/security

    Second, your criticism of the Uploader is a little odd given your article title, since that’s our least Web 2.0 feature of all. You are certainly correct that there are security risks to keeping financial data on your computer, but how is that any different than using Quicken on your computer, which people have been doing for 20 years now? Quicken does exactly the same thing we do with downloading your financial data. I think our model is actually better on your point, since your own computer only holds credentials and not your full transaction history in our model, whereas Quicken holds credentials *and* history on your machine.

    Finally, sorry to hear you don’t like the graphs or tips, but I would say that many other users have told us they are getting a huge amount out of them, and out of using tags and goal targets to organize their financial data. If you have something you’d like to see added to the product to make your data more useful, I’d love to hear any suggestions you have.

    I appreciate the criticism, and hope the response is helpful. If there are more questions you’d like me to address, I’m happy to do so here or in email — marc@wesabe.com.

    Best,
    Marc

  • 2006.Nov.21 @ 02:36

    Oops, forgot something: USAA, among others, does exactly what you suggest with regard to passwords. They let you use your ATM PIN code to get read-only access to your data, and then a password to be able to use bill pay or other write-access functions. I think this is a great model and should be used by all banks. The only problem with it is that it’s confusing for people, but I agree with you that it would be well worth it.

  • 2006.Nov.21 @ 10:58

    I think there could be some valid tips given to some people. After watching the woman in the TV show “Til Debt Do Us Part” go over families’ financial records and spew off advice on how to better control their debt, their spending, and their overall finances I think there are a lot of people who could benefit from some helpful advice.

    Having said that, if I was worried about my finances I’d probably go to my bank and some friends I have that work in banks for free advice that doesn’t seem as risky.

  • 2006.Nov.22 @ 20:53

    Hi Marc,

    Thanks for stopping by and responding to some of my thoughts. Your points are all well taken. And for the sake of clarity, I have to mention that I didn’t intend for my original ramble to imply that you’re selling “nonymous” personal data.

    As for your comment on tips and graphs: they aren’t something I find value in. I don’t think that people save money by spending where items are cheap, I think people save money by buying less and putting more money out of their own reach. That’s just my view, and I know lots of folks will disagree with it. Once you’ve made your millions with Wesabe, and you decide that you can’t live without me as your user, consider putting together an investment site that allows users to compare financial products, and critiques their accounts from a goal-oriented and tax specific perspective.

    As a slight aside: since you’re charging users $5/month, Wesabe has to be able to save them at least $5/month for the account to be financially worth it. I know that my buying patterns are fairly static. I doubt that the information Wesabe provides will be able to save me $5/month consistently.

    And to respond to your point about Quicken, you are correct: people store their credentials in the silliest and least secure of places. That doesn’t mean that I’m going to. The reward is fairly low (graphs+tips), while the risk is fairly high (losing most of my liquid assets).

    Like I say, I don’t think that Wesabe is necessarily a bad thing, it just doesn’t meet my needs. But I have a sneaking suspicion that there are plenty of people who don’t share my opinion.

    Thanks for the note about USAA. It’s nice to see that financial institutions are moving towards technical sanity. I’m not aware of any Canadian banks doing the same thing, but I’ll be happy to switch my account when they do.

    Good luck with Wesabe!

    e

  • 2006.Nov.22 @ 21:01

    Yo d,

    People do spend a lot, and in ways that don’t often make sense. Whatever gets people away from those traps (not paying off credit cards, buying stuff on credit, buying more than they need, etc) is good. But I would be surprised if lots of that advice didn’t already exist on the Intartubes, free of charge.

    e

  • 2006.Nov.23 @ 11:46

    e,

    The advice might be there but sometimes people don’t know it or just don’t see it applying to them. Then there are the people who find themselves in unexpected circumstances (unexpected expenses, loss of job, injury, etc) that need a little more help and need it suited towards their financial situation.

    It might be out there for free but it requires you to investigate what advice is good and/or suits you or how to make it work for you. Getting people to comment and discuss your options might be helpful to them.

    Cheers!

  • Pingback from Take that, Security! – Pie Palace