| > I personally take security very seriously Respectfully, your users don't care about technical security if you get compromised - they care about their financial security. Please do reconsider your stance on liability, I found myself wincing while reading that disclaimer. It pains me to say it as a techie but insurance is more important than security in this case. It'd be great if you were iron clad against all hacks ever but it'd sit more easily if there was insurance backing it up. What if you get a rogue employee dumping out all the credentials for example, not all attacks come from outside. If you don't trust your security enough to assume liability, why should your users? > FWIW it is not currently possible for users to move money with Teller I don't believe it's so much a compromised service or API that's concerning, it's your credential storage. The data you hold does allow users to move money if compromised. Having picked fault with your service enough, it does look like a great service and I'd love to use it one day. Best of luck! |