It's safer for you to look at your bank account information through Personal Capital than it is to log into online banking, Fritz Robbins, Personal Capital's CTO
Robbins is an expert coder and knows architecture and security. He recently spoke with me about online financial security, how personal finance software makers protect consumers, and steps you can take to reduce the chances that your information will be compromised.
What Does Personal Finance Software Do?
One of the first things to consider is what your personal finance software does on your behalf. Some applications, like Personal Capital, just allow you to look at your accounts and analyze your financial situation.
“We manage security to some degree by eliminating the types of things you can do in our application,” Robbins says. “Even if someone's Personal Capital account is compromised, the hacker can't go and move money out of these accounts.”
Pay attention to the types of activities your personal finance software engages in. Programs that allow you to manage your money might offer a bigger risk than applications that simply provide you with information about your various accounts.
Another layer of security relates to how your passwords are managed when a personal finance software application uses them to pull information from credit cards, bank, and investment accounts. “We never send information to the user's browser,” explains Robbins. “That's big protection for banking passwords. Even if your own computer is compromised, the banking passwords aren't going to be exposed.”
Robbins explains that when you connect your accounts to the personal finance software your passwords are encrypted and stored in secure data centers. “We use Yodlee for data collection and management. It's very solid security footing,” he says. “Most people's browsers are vulnerable. Your laptop is less secure than a data center.”Personal Capital isn't the only personal finance software that places a high priority on security. Robbins says that many software packages use standard best practices encryption, including internal encryption and strong perimeter protection.
Check the breach policies of programs you plan to use. “We have a lot of monitors,” Robbins continues. “If alerted to any potential problem, it goes to our chief security officer, who will initiate a response. We have not had — to date — any breaches where we have had a loss of end-user or client data. If this ever happened, though, our clients would be notified immediately.”
Is Personal Capital Safe?
Yes, Personal Capital is safe to use and has numerous security measures in place to protect your personal and financial information. Furthermore, it never sells your data to third-parties and takes customer security and privacy extremely seriously.
I already mentioned how Personal Capital uses Yodlee for secure data collection and management. Here's a few of the other security measures and features Personal Capital has in place:
- Data Encryption: All data is secured with AES-256 encryption, which Personal Capital says is the same standard as the U.S. military.
- Multi-Factor Authentication: Secure your account with multi-factor authentication for devices. You can also use biometric authentication on mobile devices.
- Security Bounty Program: Personal Capital has a bug bounty program that pays hackers and users for finding and reporting possible exploits or security weaknesses in the platform.
- Fraud Monitoring: You can opt-in to a daily transaction monitor email to receive a list of daily transactions, helping you spot potentially fraudulent transactions.
These security measures mean you can use tools like Personal Capital's net worth tracker or budgeting tools and have peace of mind. However, as I'm about to explain, it's still important to be proactive in protecting your personal and financial data.
How to Protect Your Financial Information Online
You can't completely prevent data breaches and stolen information. However, there are some steps you can take to protect yourself and reduce the chances that someone will destroy your finances by getting access to your online accounts.
First of all, one of the best things you can do is view your account information with the help of financial software, rather than repeatedly going to your bank's site.
“If you go to the bank website and type in your password, and there is malware on your computer, or you've clicked on a phishing site, you've given away valuable information,” Robbins points out. “There are plenty of vulnerabilities there. Even a sophisticated consumer can be subject to malware or be fooled by a phishing scam.”
You can use your connected personal finance software to view transactions and watch for fraud. “Monitor your accounts regularly to identify account activity you did not perform,” suggests Robbins. “Consider opting-in to a transaction monitoring email service, which will show all transactions across accounts for the previous day.”
If you do see something suspicious, that's the time to alert your institution to know and immediately change the passwords on your accounts.
What Users Can Do – Monitor and Change Passwords Often
Robbins also recommends creating strong passwords for various sites. He says that it's best to use different passwords for different sites, rather than using the same login information for multiple sites. “Hackers that get the information for one account can try that same combination on other sites with a reasonable chance of success because so many consumers use the same passwords for all their financial accounts,” Robbins says.
He also cautions against using passwords that connect back to your life or your interests. They may be easier to remember, but they are also easier to crack.
“Use packages that alert you if you go to an unsafe site,” Robbins continues. “Antivirus stuff isn't 100 percent protection, but it knocks down a lot of attacks. Turn it on and pay attention.”
Finally, Robbins suggests opting for two-factor authentication when possible. This makes it harder for thieves to break through since it requires an extra step. However, Robbins insists that the extra step isn't too obtrusive.
Usually, it's something as simple as having an extra code sent to your smartphone. “Two-factor authentication greatly strengthens your security posture,” he says. “Encourage your service providers to adopt it if they don't already use it.”
If you've been holding off on connecting your accounts through any personal finance software because of security concerns, it might be worth it to reconsider, especially if you won't be using the software to transfer money or engage in other transactions. And according to a technology specialist, your data is probably safe with Personal Capital.
You still have to decide if you're comfortable sharing your personal and financial data. But if you decide to use Personal Capital, you can take comfort in the fact it never sells your data and follows industry-standard security practices.
Readers: How do you feel about connecting your bank account to personal finance software?
- Personal Capital vs. Betterment – Which Is Best For Investing?
- Mint vs. YNAB vs. Personal Capital – Comparing The Top Financial Tools.