Financial Service Aggregators and Trust

Last week I received an email from Aimen Minhas, VP marketing at start-up PageOnce quickly followed by one from Guy Goldstein, CEO (listen to WSJ podcast here). They were reaching out to bloggers with information about their service, which is currently in private beta.

Essentially their message is that the user Finds (adds) the accounts--from financial services to social networks--that she wants to manage, Views and manages them from a single page and then Relaxes, letting PageOnce take care of details involved in managing all these accounts. It's the type of aggregation for the convenience of users that Internet pundits have been talking about since the early days.

Their emails came at a particularly interesting time. Someone, an amateur fortunately, had gotten the number of the credit card I use exclusively for Internet purchases. I was busy and hadn't checked my accounts for a few days; might not have noticed it right away anyway because the amounts were small and the amount of my total bill wouldn't have prompted me to look at the detail. Bank of America, though, caught it right away because there had been two $0 purchases recorded which customer service explained was the thief testing the account. BofA sent me multiple emails and left a voice mail. From there it's kind of a long story, only because I was away from home and got back Sunday night when the system was updating and couldn't be accessed. But a hold was put on the account right away and on Monday morning I did all the right things to get it taken care of. So far all the joker had actually purchased was two memberships in Match.com--isn't that trackable if anyone cared enough?

BofA handled this well and prevented further damage. Isn't that exactly what they are supposed to do? How would another layer of security help? All I've read suggests that PageOnce has strong security in place; certainly their executive team has strong IT backgrounds and extensive security experience. All the pieces are in place, but I wonder how easy it's going to be to get users to commit financial services data to an unknown site.

One of my students wrote about another financial services aggregator on our Internet marketing class blog a few weeks ago. I'm not making a link because the blog will go down sometime after the semester ends, but I'd like to quote some of what Yolanda said about Mint.com:

Although it looks a great way to handle your finances, I still feel skeptical about typing my accounts information in the site even though Mint claims to have high security. The company teamed with Yodlee, an on-line banking-service provider, to make secure connections to banks. The registration is anonymous because the system just asks for your e-mail address, password and zip code. The company also claims that it never stores password information or see account numbers. In spite of all these claims, I still do not feel secure on typing my account information on the site. I am not definitely in my twenties and maybe that is why this thing of sharing information still scares me. However, if my bank could provide this kind of service, I would definitely look forward to it. (Yolanda Cantu, May 5, 2008, Internet Marketing at Harvard Extension)

That's interesting on several levels and when we had a few minutes to talk about it others (mostly thirty-somethings) agreed. It takes a high level of trust to sign up for a service like this. You might accept such services from an institution you already know and trust; BofA went up several points in my estimation as a result of the quick action in my instance. Building trust for an unknown brand takes time, as we all know. For PageOnce that may be compounded by the fact that they are allowing social networks, which are leaky faucets as far as data privacy is concerned, to be part of the system. When I questioned this, Aimen Minhas pointed out that users can choose which accounts to enter (or not). Good point.

PageOnce is clearly a service in the Web 2.0 mold. If you want to check it out, sign up for a beta account. I wish I could say there was nothing to lose, but that's not true, and it's the challenge that services like this have to face. What else do you think financial services sites should do to build user trust for web and mobile financial services?