dcsimg

Password and Security Concerns Regarding Usage of Yodlee

Published 9/28/07 (Modified 3/8/11)
By MoneyBlueBook

Yodlee is a terrific online account consolidator and aggregator tool. But whenever I try to explain to some people the many benefits of using a service like Yodlee to aggregate their bank, credit card, and reward account information into one easy to access source, I encounter the skeptics. The skeptics are quite the interesting techno-phobic bunch. They generally fear losing control of their accounts and fear putting all of their account login and password information into one basket. The skeptics fear account aggregation technology because they worry that it will somehow make their lives more complicated and they worry that it will allow hackers and identity thieves easier access to their private accounts. Well I'm here to put those worries to rest. Account aggregation tools like Yodlee will make your life much easier and will help to make your other accounts more secure.

How Does Yodlee Keep My Account Information Secure?

Yodlee has indicated that their service operates under a very secure network infrastructure that combines sophisticated intrusion detection methods with firewall and physical protections. Yodlee has partnered with many large and established companies such as Citibank, Fidelity, Bank of America, and Wachovia. I think we can be assured that Yodlee has passed the initial basic credibility test of ensuring customer privacy and confidential information.

However, although Yodlee will do its part to ensure that your account login and password information is completely secure, it is your own duty to make certain that you keep your master Yodlee login and password information in a secure location and hacker safe.

I know many people have a habit of using one common login and password combination for all of their financial accounts. If you do that, then I highly recommend, in fact I insist, that you make a vastly unique login and password sequence for your Yodlee or Yodlee powered account. Because your Yodlee account saves and consolidates all of your other financial account password information into one source, it is essential that you be certain that your Yodlee password is the most secure and unique of all.

From One Source It Is Easier To Keep Track Of All Balances and Transactions

By aggregating and consolidating your accounts into one viewable source, it makes it easier for you to detect fraudulent or unauthorized activity involving any of them. I personally have several credit cards that I almost never use, but I still keep them around. Since identity theft is a growing problem these days, it's important to keep track of what goes on in all of your accounts, even dormant ones. Consolidation allows this to happen with relative ease.

What If Hackers Manage to Get a Hold Of My Yodlee Password Information?

Of course, many people are rightfully afraid that this leads to one point of access for potential thieves. If somehow Yodlee is hacked, they get all your information instead of just one bank or credit card account. This is true, but I see persistent monitoring as the solution to preventing identity theft and account break ins. I monitor my Yodlee powered account through Fidelity Full View at least once a day. If there's something fishy, I can pick up on it before the danger escalates.

Don't live in fear of placing your confidential information in the hands of technology. The system is not 100% foolproof but it works quite well. Regular and active monitoring of your aggregated accounts will help you organize your finances better and teach you to be more savvy about tracking your financial activity.

Disclaimer: Discover is a paid advertiser of this site.
Reasonable efforts are made to maintain accurate information. See the Discover online credit card application for full terms and conditions on offers and rewards.

Feed for this Entry

2 Responses to “Password and Security Concerns Regarding Usage of Yodlee” 

  1. Kysh says:

    Convenience is the most easily exploited security hole, and the attitude towards security in this article is ...painful to anyone who is significantly security conscious; denouncing 'us' as technophobes is foolhardy, considering that many of us who find the security of such an arrangement questionable are security specialists who make our living by architecting and securing infrastructures like Yodlee.

    I was recently asked to use Yodlee by a third-party site to verify my account information. Part of the 'terms and conditions' I was expected to click through was the following:

    ... [The third-party] AND YODLEE MAKE NO WARRANTY THAT (i) THE SERVICE WILL MEET YOUR REQUIREMENTS, (ii) THE SERVICE WILL BE UNINTERRUPTED, TIMELY, SECURE, OR ERROR-FREE ...

    ... And a boilerplate 'we accept absolutely no responsibility and may not be held liable for anything, any type of damages, for any reason, including but not limited to':

    ... (iii) UNAUTHORIZED ACCESS TO OR ALTERATION OF YOUR TRANSMISSIONS OR DATA; ...

    A trend I've noticed is that a step above technophobes are technophiles, and those people often tend to be in other industries, or ancillary parts of the technology industry like staff writing. They feel that technology can do no wrong, and that it's only bad people to be held responsible for security breaches, when in fact, it's bad practice, not bad people, that expose data.

    Giving your account data to a third party, however convenient, is potentially dangerous. It bypasses many protections built into the system. To be frank, much, if not most, of the security that exists in this day and age is bad security, and to trust someone because they say "We're secure! (but, uh, we don't guarantee that, and don't even think of holding us liable!)" is simply naive.

    I realize this posting is old, but I came across it while searching for references to yodlee, and I'm commenting here in the event that someone else does the same.

    -Kysh

  2. Lungfixer says:

    I felt the EXACT same way as Kysh when I read the "Terms and Conditions" disclaimer waiving ALL responsibility for ANY loss associated with the use of Yodlee. I'm not a security specialist, but I'm certainly no "technophobe". I do my banking, pay ALL my bills and make at least 80% of my purchases online...but I'm just not comfortable allowing one site to have sensitive information which would allow access to all my financial accounts...especially if they cannot be held accountable if something goes awry.

    Just my 2-cents.

Leave a Reply



If you liked this site, please Add To Bookmark and/or Subscribe To A FeedReader

Search this site