No credit card required
Browse credit cards from a variety of issuers to see if there's a better card for you.
Mods: If this isn't the appropriate forum for this topic, please let me know, and move it.
I recently noticed my Bank of America (and other credit card companies) sign-in history has been a bit odd. I use Google Chrome as my browser most of the time, but I've been noticing early morning sign-ins from Internet Explorer (see screenshot below). I use mint.com and have linked it to my BOA account.
Has anybody else experienced this? What's the likelihood that these sign-ins are from Mint.com and not suspicious?
Thanks in advance for your replies. I hope this encourages other MyFico users to reassess their account security.
I haven't experienced this and don't know how likely it is to be Mint (although I'm also can't imagine why Mint would come off as Internet Explorer...it seems to me like it would take some back channel not associated with any browser), but I definitely think it would be prudent to check with BofA on this ASAP. Good luck.
I use Prism and it logs in as Chrome a few times a day so It's probably Mint.
@WLRK11 wrote:Mods: If this isn't the appropriate forum for this topic, please let me know, and move it.
I recently noticed my Bank of America (and other credit card companies) sign-in history has been a bit odd. I use Google Chrome as my browser most of the time, but I've been noticing early morning sign-ins from Internet Explorer (see screenshot below). I use mint.com and have linked it to my BOA account.
Has anybody else experienced this? What's the likelihood that these sign-ins are from Mint.com and not suspicious?
Thanks in advance for your replies. I hope this encourages other MyFico users to reassess their account security.
Yes, those are likely from Mint.
Doesn't mean I wouldn't consider it suspicious, though....
Having looked into how the backend of the account-access tools from Mint, CK, etc operate... I decided some time ago to never touch them. Ever. (The account-access part, anyway. I do use the credit report features.)
Depending on your banks, some of the account linking is done reasonably "correctly", with per-service tokens (although most banks don't appear to provide a revocation interface...).
But most banks don't appear to offer that to Mint/CK. For those, the backend service actually stores your account login/password in plain-text (or reversable encryption, with the keys online, which is effectively plain-text); and then the backend screen-scrapes the standard account website for your details to present in the Mint/CK interface.
And much of that backend login/password storage and screen-scraping is happening off-shore.
So... yeah. Not touching that, with or without the ten-foot pole. (You may even technically be violating the terms of your banks' online account access agreements, and opening yourself up to liability if your credentials leak through the screen-scrapers' services.)
If you want to check up on it yourself, go lookup Yodlee, or articles like Is It Time to End Screen Scraping?