Recently on Consumerism Commentary, Flexo posted about the upcoming discontinuation of Microsoft Money. First and foremost, this was a great post and important information for consumers of either Money, Quicken, or one of the similar on-line options. Unfortunately on the desktop, Quicken will no longer have significant competition (unless you like the free alternative, GNUCash). Quicken has been my personal choice for the past 5-6 years, despite its relatively higher cost.
Because of the removal of MS Money from the market, the discussion of alternatives such as Mint.com and Quicken On-line came up. These tools are considered on-line account aggregators because they typically connect to your accounts at various institutions and download statements. Below is a list of common account aggregators:
The most common concern of using these on-line account aggregators is security. How safe are these on-line account aggregators?

Mint
Current Security Measures
First let’s take a look at the security the sites do provide, before we get into the possible weaknesses. We are going to focus on Mint.com, though all of the sites provide similar security. Mint.com’s security features can be viewed here. But here is a basic rundown of those features:
- Anonymity
- 128-bit SSL encryption
- Secure facility protected by biometrics palm scanners and 24/7 security guards
- Bank-level data security standard (encryption, auditing, logging, backups, and safe-guarding data)
- The site has the VeriSign seal.
- Mint has anti-phishing protection provided by RSA
So what does all of this mean? Well, first, anonymity means that Mint does not ask for personally identifying information, for the most part. This includes data like name, social security number, etc. However, they do ask for e-mail. The point here, though, is that the data that they have on you (financial account balances and transactions) cannot easily be traced specifically to you.
The 128-bit SSL means that the data you submit from your browser to Mint’s network is encrypted in a way that is difficult to decrypt. This is the standard web SSL that you see when you use a bank or any web site that shows the security lock in your browser. This is good: it protects your data as it travels to Mint. The VeriSign seal primarily validates that this SSL encryption is in place between your computer and Mint’s servers. Once it gets to Mint, they can encrypt your data using SSL as they pass it around internally so that no one at Mint can see it. And when they send it to your bank or other service providers it can be, and likely is, encrypted with SSL.
The bank-level data security helps give some assurances about what happens with your data, including your bank log-on credentials, while it is inside Mint’s network. If encryption of your credentials and data is maintained at all times while in Mint’s network, then only a security breach of the encryption key could compromise the data. Usually it takes more than just having the key; you also need access to the devices that have the data stored on them. The bottom line is that once it reaches Mint’s servers, we have to take their word for it that it remains encrypted, and I will give them the benefit of the doubt on this based on what they have stated here.
Of course physical security like biometric palm scanners and security guards means they don’t just let anyone into their facility. That is a good thing.
Where Are the Issues?
Mint handles two types of sensitive data. One type of information it holds consists of records of your account balances and transactions that it has aggregated from various sources. This information is valuable to you, but has limited value to anyone else. As long as the login information for your bank is not stored along with the account data, no one can do damage just by knowing the location and amount of the account. That brings us to the second type of information: your login information, or credentials.
According to Mint.com, the credentials information is not stored within their network. From their site:
“We need your online banking user name and passwords so that we can help you organize and manage your accounts, that information is encrypted and transferred in a secure manner. We store only the information needed to save you the trouble of updating, syncing or uploading financial information manually. Your banking login credentials are securely stored by our online financial service providers. Your Mint login credentials are not shared with these providers.”
This is reassuring: the bank user names and passwords are not stored by Mint. Instead those credentials are stored by their online financial service providers. Basically, after the first time that you enter your credentials for a financial institution, Mint connects to their online service provider to retrieve the account data, and also receives an ID or token at the same time. That token allows them to retrieve, read-only, account balance and transaction information in the future to keep Mint in sync with your accounts. Although it isn’t stated directly, “on-line financial service providers” seems to imply banks. In fact, banks could provide this service. However, most of them do not. Most banks and financial institutions require your login information, possibly including additional information like answers to your “secret” questions.
The reality is that Mint’s online financial services provider(s), if there are more than one, are not the banks and financial institutions. Instead it is a third party company, Yodlee. As mentioned earlier, Yodlee also provides its own on-line aggregation service for customers. While it is difficult to find direct mention of Mint using Yodlee behind the scenes, looking through the forums and some other websites you can find that Yodlee is indeed their provider. Below is Mint’s statement on its liability for any loss with their third party system(s):
“However, it is important to understand that these precautions apply only to our Site and systems. We exercise no control over how your information is stored, maintained or displayed by third parties or on third-party sites.”
So, while it is by no means a secret, it is important to keep in mind that if you use Mint, your credentials are stored somewhere. And they are all likely stored in one location at Yodlee. To me it seems clear that Mint.com obscures this fact. You can see in their forums that they use Yodlee, but you see no reference to it on their site directly. Although they don’t directly say it, their wording implies that credentials are not stored by them and are instead stored only by financial institutions. One of the reasons they do not make this obvious may be for security itself, however I do believe they are intentionally vague on this for marketing purposes.
I do not want to give the impression that if you use Mint your credentials are being passed around in numerous e-mails at Yodlee or outside of Yodlee. Yodlee itself is no slouch on security. They provide many of the security precautions that Mint provides, probably quite a bit more. Broke Grad Student provides a good synopsis on Mint Myths Debunked where it is mentioned that Fidelity and Bank of America use Yodlee, for example. So even without using Mint, your credentials may be stored at Yodlee for other financial institutions.
With that said, many people have an issue with having ALL of their account information in a single place. An intelligent, disgruntled employee at Yodlee could find a way to get to that data. It would be difficult, but not impossible. Using the desktop version of Quicken reduces that risk. Desktop Quicken stores your credentials locally on your computer. So unless your computer is compromised, that information is safe. Even if your computer is compromised, someone would have to break Quicken’s security measures. However there are two slight risks, even to the desktop version of Quicken:
- There is nothing stopping Quicken desktop from passing credential information through Quicken’s servers on the way to the financial institution. I don’t believe they do this, and I don’t believe they intend to do it. But it would be difficult to detect if they started. If they did, eventually I would expect this to come out and there would be negative repercussions with Quicken for such a move. But if they chose to do this, it would put Quicken desktop in the same position of every other on-line account aggregator.
- Quicken provides automatic bill pay. So unlike Mint there is the possibility of moving money from within Quicken desktop if someone were to break in. (But if someone breached Yodlee, they would have access to full credentials, not just read only tokens)
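The difference between an aggregator that keeps a read-only token and one that keeps your actual bank login is the crux of the two passages above (the token model Mint describes, and the bill-pay exposure of a credential store). The following is an added illustration, not code from Mint, Yodlee, Quicken or this post: a hypothetical bank that trades a one-time login for a scoped token, two hypothetical aggregator designs, and a risk check that asks what a leaked copy of each aggregator's stored secret would let its holder do. All names, users and balances are constructed for the example.

```python
import hmac
import secrets
from dataclasses import dataclass, field

# Constructed sample data for the demonstration; not real accounts or credentials.
SAMPLE_USERS = {"alice": "correct horse battery"}
SAMPLE_BALANCES = {"alice": 1250.00}


@dataclass
class Bank:
    """Hypothetical bank: verifies a login once, then issues a scoped random token."""
    passwords: dict
    balances: dict
    tokens: dict = field(default_factory=dict)  # token -> (user, scope)

    def _check_password(self, user, password):
        stored = self.passwords.get(user, "")
        # Constant-time comparison so a timing side channel cannot leak the password.
        return hmac.compare_digest(stored.encode(), password.encode())

    def issue_token(self, user, password, scope):
        """Exchange credentials for a token; the caller never needs the password again."""
        if not self._check_password(user, password):
            raise PermissionError("bad credentials")
        if scope not in ("read", "full"):
            raise ValueError("unknown scope")
        token = secrets.token_urlsafe(32)
        self.tokens[token] = (user, scope)
        return token

    def _resolve(self, token, needed):
        user, scope = self.tokens.get(token, (None, None))
        if user is None:
            raise PermissionError("unknown token")
        if needed == "full" and scope != "full":
            raise PermissionError("token is read-only")
        return user

    def get_balance(self, token):
        return self.balances[self._resolve(token, "read")]

    def transfer(self, token, amount):
        """Moving money needs full scope; a read-only token is refused here."""
        user = self._resolve(token, "full")
        self.balances[user] -= amount
        return self.balances[user]


class TokenAggregator:
    """Keeps only the read-only token (the model the post attributes to Mint)."""
    def __init__(self):
        self.tokens = {}

    def link(self, bank, user, password):
        # The password is used exactly once and deliberately not retained.
        self.tokens[user] = bank.issue_token(user, password, "read")

    def sync(self, bank, user):
        return bank.get_balance(self.tokens[user])

    def stored_secrets(self):
        return dict(self.tokens)


class CredentialAggregator:
    """Keeps the actual login, as most institutions force aggregators to do."""
    def __init__(self):
        self.creds = {}

    def link(self, bank, user, password):
        self.creds[user] = password

    def sync(self, bank, user):
        # Must log in as the customer every time, which yields full-scope access.
        return bank.get_balance(bank.issue_token(user, self.creds[user], "full"))

    def stored_secrets(self):
        return dict(self.creds)


def capabilities_of_stored_secret(aggregator, bank, user):
    """Risk assessment: if the aggregator's store leaks, what does that secret grant?"""
    secret = aggregator.stored_secrets()[user]
    caps = set()
    try:                                   # a leaked token of either scope reveals balances
        bank.get_balance(secret)
        caps.add("read")
    except PermissionError:
        pass
    try:                                   # only a full-scope secret can move money
        bank.transfer(secret, 0)
        caps.add("move_money")
    except PermissionError:
        pass
    try:                                   # a leaked password is equivalent to the customer
        bank.issue_token(user, secret, "full")
        caps.update({"read", "move_money"})
    except PermissionError:
        pass
    return caps


if __name__ == "__main__":
    bank = Bank(dict(SAMPLE_USERS), dict(SAMPLE_BALANCES))
    for agg in (TokenAggregator(), CredentialAggregator()):
        agg.link(bank, "alice", SAMPLE_USERS["alice"])
        print(type(agg).__name__, agg.sync(bank, "alice"),
              sorted(capabilities_of_stored_secret(agg, bank, "alice")))
```

Both designs sync the balance identically; the difference only shows up in the risk check, where the token store yields read access alone while the credential store yields everything the customer could do, including moving money. The demonstration assumes the institution will issue a scoped token at all, which, as the post notes, most banks do not.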
The Bank’s Role
For services like these on-line aggregators and Quicken desktop to work, banks and financial institutions must provide the mechanism to retrieve account information. For years they have provided the ability to download transactions from their site into desktop software using Quicken and MS Money formats. In the past 5 years or so it has been possible to download some financial institutions’ transactions directly from within these tools. Some banks have been supportive of that capability while others have been wary of the security.
Regarding on-line aggregators though, many banks have a firm position. Below is an excerpt from an e-mail from ING Direct to a customer regarding Mint.com:
“I understand that you recently had an issue trying to connect to our website using Mint.com. This service is commonly referred to as an account aggregator. While this service may have worked in the past, most users are finding that their aggregator does not work with our New Sign In Process.
The security of your information is very important to us. Once your personal information leaves ING DIRECT, we have no control over your information or how it is used by third parties. Because we have no way of monitoring how account aggregators address security, privacy or the use of cookies we are unable to support the use of these services.
To best protect your personal information and your funds, we recommend that you do not share your personal information (including your Customer Number and PIN) with any third party.”
Many other banks have the identical position that using account aggregators is at your own risk.
Conclusion
In the end you have to do what you feel comfortable with. Yodlee’s servers are many times more secure than most people’s home computers. Take that into consideration when weighing the on-line aggregators against something like Quicken’s desktop version. Consider your bank’s and other financial institutions’ position on using such services.
For my own part, I have been using Quicken for many years after giving up on MS Money. Recently I gave Mint a try and I do like its ease of use and slick interface. But I had significant trouble interfacing it with my ING Direct account, which is what led me to research this information. In the end I am going to stick with Quicken.
Ultimately the best thing you can do to protect yourself is to periodically change your password and use strong passwords. If you choose the desktop Quicken solution, be sure you have a quality firewall and virus protection in place. There are some other best practices here that we can tackle in a future post.