

Simple Security - dcope
http://www.neglectedpotential.com/2012/12/simple-minded/

======
joshstrange
I think you are blowing things a little out of proportion. As you mentioned in
your blog post you say that ever other bank's app you have tested has had the
same "shortcomings". That said I would venture a guess that none of your other
banks are anywhere near on the same level as Simple.

I have been a Simple customer for a couple months now I absolutely LOVE the
service. I have dug into what happens behind the scenes on their website and
yes, they do pass more data back and forth than is always needed but they are
using SSL so I'm not too worried.

You say you reached out to their security team and waited 8 days for a reply
before following up, why didn't you just use Simple's support? I have reached
out to them multiple times and always received a response within an hour. One
of those times they redirected me to their engineering team so I could talk
directly with one of their programmers, we exchanged 3-4 emails that same day.
Should they have monitored this security email address you sent to better?
Yes, but they provide the best support of any bank I have used in the past.

Pretty much I don't feel like the "concerns" you raised are all that important
and in fact the whole post smells of FUD IMHO.

~~~
mattyohe
Keep in mind not everyone that submits articles to HN are the article's
author.

~~~
joshstrange
Sorry, I often write my comments in reply to the whatever was linked. I should
have written it differently.

------
zampano
While most of this can be forgiven thanks to Simple being a newcomer to
banking, having all that extra information sent along (ssn, dob, etc.) just
seems like a horrible oversight. As a recent Simple convert, I sincerely hope
they listen to the feedback from their members and rectify this as soon as
possible.

