Privacy and Security / Security Technology and Practices

Security Technology

Your trust is a privilege and a responsibility that is our first priority, every day. Here are some of the technologies and practices we’ve put in place to protect your identity and your financial information:

  • Mint.com always transmits personal and financial information securely.This prevents potential hackers from "tapping" a data conversation.
  • Your bank login credentials are encrypted.
  • Our servers are housed in a secure facility protected by biometric palm scanners and 24/7 security guards.
  • We apply bank-level data security standards. This includes encryption, auditing, logging, backups, and safe-guarding data.
  • We hack our own site. Intuit runs thousands of tests on its own software to ensure security. We scan our ports, test for SQL injection, and protect against cross-site scripting. We also employ Hackersafe to test our site daily.
  • Mint.com has received the VeriSign security seal.
  • We subscribe to an anti-phishing service to discover and take-down malicious sites intended to fool our customers.

Practices to Increase your Financial Security Online

Your participation is important to our security efforts. The following are steps we suggest you take to protect your Mint.com account and other accounts online.

Protect your computer’s security

  • Keep your computer and browser software current with security updates;
  • Install and update anti-virus and anti-spyware software and use personal firewalls to protect your computer;
  • Be alert to the threats posed by malware--(malicious software) which can damage or disrupt your system, or secretly record information such as keystrokes;
  • Do not enable automatic login to your Mint.com account or pre-fill the Login ID or password fields;
  • Change your password periodically and avoid using passwords for Mint.com that you commonly use for other purposes; and
  • For more information on how to protect your personal computer, including links to vendors providing anti-virus and anti-spyware software, you can visit the Federal Trade Commission’s computer security site. Microsoft Corporation provides additional information specific to the Windows operating system at microsoft.com/security. Users of Apple computers can find security information at apple.com/support/security.

Using your computer in a safe manner

  • Do not share your Login ID and password with anyone;
  • Check to make sure you are interacting with a secure Web site, as above;
  • Always log off after completing your activities on Mint.com.
  • Be careful about using third-party computers or computers that you are not familiar with such as those in Internet cafés and be careful to ensure you have fully logged out.

Preventing fraud

  • Do not provide personal or financial information in response to an email request or by clicking on a link, unless you are able to verify the authenticity of the site to which you are taken through the SSL padlock or other means;
  • Do not enter personal information into a form within an email message or a pop-up;
  • Do not open an email if you do not recognize the sender and be particularly cautious of any attachments to emails from unrecognized sources.

Identity theft

Take steps to safeguard your information to help protect yourself from identity theft. Intuit takes steps to protect you from identity theft by:

  • Utilizing user identification and authentication procedures before permitting access to Mint.com;
  • Creating a secure transmission connection to Mint.com. You will see the security padlock in your browser’s frame indicating that it’s a secure site;
  • Ensuring our employees are trained to safeguard your information.

You can also help protect your identity and account information. Here are a few steps to remember:

  • Intuit will never request your Login ID or password, or any other information in either a non-secure or unsolicited email communication;
  • Check your credit report regularly for unauthorized activity and protect your personal identification numbers (PINs) or personal data;
  • You can also receive text or email alerts from Intuit which highlight large or unusual transactions. This service may help you identify fraudulent activity quickly.

You can protect yourself against phishing

Phishing is the illegal attempt to mislead consumers into providing personal or financial information, including account numbers, passwords and Social Security numbers, via email or through fraudulent Web sites.

The most frequent phishing attacks occur through emails disguised to appear as though they came from a reputable financial institution or company.

Most phishing attempts urge you to update or validate your account information, typically through a link in an email directing you to a fake Web site that appears to be legitimate.

A phishing attack can be detected

While there are many phishing attacks active on the Internet, there are some typical characteristics:

  • An email contains an “urgent” tone requesting your immediate action on an account-related matter.
  • An email is sent from a user falsely claiming to be a legitimate company with an attachment. An unsolicited email attachment more than likely contains a virus. Do not open it.
  • A pop-up window appears from a user falsely claiming to be a legitimate company’s Web site asking for personal information.
  • Additional information can be found at www.antiphishing.org or www.consumer.gov/idtheft

How to report a phishing attack

If you suspect you have received a fraudulent email from Mint, please contact: security@mint.com.

What to do if you are a victim of identity theft

If you are a victim of identity theft, here are some recommended steps:

  • Contact Intuit and let us know you have been a victim of identity theft
  • Contact the fraud departments of each of the 3 major credit bureaus:
    Equifax Experian Trans Union
    Report Fraud 800-525-6285 888-397-3742 800-680-7289
    Order Credit Report 800-525-6285 888-397-3742 800-916-8800
    Web Address equifax.com experian.com transunion.com
    Address PO Box 740241
    Atlanta, GA 30374-0241
    PO Box 9530
    Allen, TX 75013
    PO Box 6790
    Fullerton, CA 92634-6790
  • Request copies of your credit reports. Review the reports carefully and identify any new accounts that may have been opened. Pay particular attention to the section of the report that lists "inquiries" from new companies. Contact these companies immediately and have them remove any pending or new accounts from their system. Note: Credit bureaus must provide free copies of credit reports to victims of identity theft. Contact the fraud departments of creditors to dispute unauthorized charges (e.g., credit card issuer, phone companies, utilities, banks, other lenders.) Describe your identity theft problem and follow up with a letter.
  • Contact the fraud departments of creditors to dispute unauthorized charges (e.g., credit card issuer, phone companies, utilities, banks, other lenders.) Describe your identity theft problem and follow up with a letter.
  • File a report with your local police department and ask to file a report. This may help when clearing your credit.
  • File a complaint with the Federal Trade Commission (FTC). The FTC handles complaints from victims of identity theft, provides information to those victims, and refers complaints to appropriate entities, including the major credit-reporting agencies and law enforcement agencies.
  • By Phone: 877-ID THEFT (877-438-4338)
  • Online Complaint Form: www.consumer.gov/idtheft

Other Resources to Learn More about Identity Theft:

Follow Us On:
Get Mint For:   iPhone  |  Android