As a few of our users have asked us whether using Money Dashboard is an issue with their bank we thought we'd try to help everybody with this Q&A list of some questions we've been asked, and some that we think you're thinking about.
I'm not sure about giving you the log in details for my bank accounts. Are my bank OK with what you do?
Banks have known about personal financial management (PFM) tools like Money Dashboard that aggregate bank accounts for a number of years by now. They're actually pretty familiar with aggregation, but haven't yet said OK about us, or anybody else for that matter. That's not because they don't think we're OK, but because they would need to do lots of research on us before they would say so.
Can my bank stop me from using Money Dashboard?
They could have changed the Terms and Conditions of their customers' accounts to make sure that you don't use a PFM. As they haven't, and they've never closed an account because a customer is using a PFM, it's fair to say that they're unlikely to stop you now.
Once you've got my log in details what do you do with them?
We send them straight away to a company called Yodlee. They keep them. Yodlee are an American company who have been providing aggregation services in the USA and UK for over ten years. They provide the engine that makes our application work.
How do you keep my log in details safe?
When we ask you for your log in details we make sure it's encrypted when you send it to us. Any data sent to Yodlee is also encrypted.
On its way to Yodlee the data passes straight through our computer's memory, which means we can't keep a record of the data as it never goes to our hard drive. Put simply, we never see your log in details.
Once Yodlee receive your log in details they store them securely and only use them to access your account so that they can update the information held in your account. They don't share your details with anybody else.
OK, I'm happy that you're careful. Is there anything else I should know?
Yes. There are a few simple security things you can do to protect yourself. Make sure you're using a good anti virus system and you keep that and Windows (or what O.S. you're using) up to date. That'll help prevent fraudsters installing software that reads your keystrokes. If your keystrokes are being logged the fraudster can read the information you're sending to us and use that to log on to your bank.
Although you should never keep your log in details in a way that can be recognised, it's worth remembering that even if a fraudster gets hold of your Money Dashboard security details they won't get access to your bank log in details. A fraudster can't steal from you just by going into your Money Dashboard account.
by Peter Downie, Head of Risk and Compliance