Fantastic set of topics! As an engineering undergrad at UC Davis, I took a course in engineering law which was incredibly helpful. It's great to see a course in personal finance for engineers. As an entrepreneur building financial services for STEM professionals, I see a distinct opportunity to educate this demographic. While financial education for all demographics is desperately lacking in the US, the STEM crowd has the mathematical training to be presented with a more rigorous treatment of the topics. Moreover, STEM professionals quite often have compensation packages that include complex financial arrangements (e.g. deferred comp.) and/or derivatives (e.g. options) that are difficult to value and/or manage.
It depends on the security needs of the service. Email addresses are discoverable making it easier for an attacker to target a particular account while usernames give the user the opportunity to further insulate themselves from being discovered on a service and potentially brute-forced or cross-ite attacked. Perhaps less important for a social sharing service and more important for a financial service, but it depends on the user.
It's amazing that we can grant revokable, read-only and audited access to our social accounts, but not our bank accounts. Even though the largest aggregators operate under some level of federal supervision (via FFIEC and the OCC), there is an obviously better way. TxPush (http://txpush.org) looks like an initiative in this direction. There will likely be an ongoing need for aggregators to maintain access to laggard financial institutions and possibly to buffer load on the bank servers as consumers use more and more financially connected apps.
> It's amazing that we can grant revokable, read-only and audited access to our social accounts, but not our bank accounts.
The UK is moving in this direction. The ODI/Fingleton report into Data Sharing and Open Data for Banks[1] recommended creating a open banking API standard and suggested using OAuth, using Twitter as an example (see p24 of the report). Work has begun on defining the roadmap towards creating an API standard[2].
