russ-love.com
progressive


Chase, Mint viability, and web scraping

Chase VerificationIt is interesting how much attention this small company captured over the past week. Search for mint money management on Google and you get almost 2 million results. I made my own contribution just yesterday where I was questioning the viability of this service. Using web scraping for obtaining financial data is one of the problems.

Web scraping is a technique that allows web services (often called web bots) to take web pages apart and filter out information, banking transactions in this case. My understanding is that when Yodlee is doing it on Mint’s behalf, the banks don’t necessarily know their pages are being scraped. (more on web scraping from Wikipedia)

I gave it some more thought today and I think I know why Mint (and Yodlee) are having problems fetching Chase credit card transactions. If you have an account with Chase, you probably noticed the extra layer of security Chase introduced recently. Now every time you access your account from a new computer/browser you have to confirm that this is a trusted location by entering a verification code they send to your e-mail or cell phone. Since Mint (Yodlee) has to login to your account before they can scrap transactions from the web pages, they have to go through the same verification process as you do and since they have no access to your email they obviously can’t pass it.

The bottom line is, Mint will continue having these issues unless Yodlee is able to strike a deal with Chase (and other banks in the future) to allow them retrieve your transactions through other means or passing around this extra security verification. Is it likely? I don’t know but from my own experience I can tell you a lot about how slow and self-protecting large corporations are.

This situation probably puts Mint in very uncomfortable position at very inconvenient time. It is ironic how life of a startup can depend on such a seemingly small thing. Web scraping has always been a shady business and I am surprised that Yodlee has gone with it so far.

Related: Web 3.0: When Web Sites Become Web Services from ReadWriteWeb


See also:


5 Responses to “Chase, Mint viability, and web scraping”


  1. 1 Alex Sep 26th, 2007 at 12:21 pm

    A lot of financial institutions are giving up on a good ol’ userID/password schema. My bank and a couple of credit cards I own have switched to a separate userID, then password and/or verification phrase approach. It’s probably more secure, but sure is a pain for services like Mint or applciations like MS Money.

  2. 2 Jordan Sep 27th, 2007 at 12:11 am

    Financial institutions are adding multi-factor authentication to improve security for consumers and to meet government requirements.

    Yodlee has a multi-pronged approach to gathering data from institutions as they continue to roll out MFA technologies.

    One of they key methods for Yodlee to continue service is through partnerships like you have mentioned. Partnerships with financial institutions and MFA providers like RSA, Arcot, Green Armor and others help ensure that people can continue to access their personal data securely through Yodlee services.

    Yodlee continues to successfully support all major banking institutions.

    ..Jordan, Yodlee Inc.

  3. 3 Ervin Sep 27th, 2007 at 6:29 am

    For me, it’s the other way round: I have been using my Sony (Chase) card much less since I noticed I cannot check it with Yodlee.

    Yodlee is much more important than Chase, because of the convenience. I’d rather drop the companies that do not cooperate with Yodlee.

  1. 1 Mint’s Minty-fresh Flavor Wearing Out? ALREADY!? « gWHIZ Pingback on Sep 27th, 2007 at 7:33 am
  2. 2 Mint’s unrefreshing contracted web scraping » Make You Go Hmm Pingback on Sep 28th, 2007 at 8:11 am

Leave a Reply