I had 187 transactions last month. The odds that I would overlook one is pretty high. A service that can automatically highlight interesting categories seems pretty useful.
Let's be conservative and say that it takes the average person 3 seconds to read a transaction, recall whether it is a retail or subscription service, and if it is a subscription service decide if you want to keep it or investigate it. Then in no more than 10 minutes you would have generated a short list of subscriptions to investigate and potentially cancel.
Do you really not have 10 minutes per month to review your transaction history?
The service may be free, but(!) you have to hand over your financial info (to a random company) and credentials (to plaid/intuit). Protecting that information is worth a lot more to me than 10 minutes of my time.
Not to mention, reviewing one's monthly transaction one by one is a great opportunity to reflect one's spending habits and rein in superfluous purchases.
Would you entrust credentials to financial auditing software that only ran locally on a trusted client device, where the auditing software was firewalled so it could only access whitelisted network addresses?
Keeping transactions categorized in Mint easily takes me a couple hours per month. Many restaurants/bars/online shops have terrible metadata for their transactions, in my experience. I typically have ~300 txn/month between my wife and I. Most of them take no time at all. The ones where I have to dig due to crap metadata usually take 5-10 minutes apiece.
I've mostly decided it's not worth it, but every couple months I'll ask "how did we spend this much?!" and categorize everything only to discover it was my new ski gear all along and I'd just forgotten it.
Honestly I had the exact same problem. The solution for me was still pretty simple though, I just changed how often I would examine/categorize the information. I had much better recall of what transactions I have approved over the past couple of days rather than over the past month and it takes much less time overall.
I use YNAB which is basically the manual version of Mint. It imports exactly nothing for you. You must log into your bank account/credit card and log each transaction and categorize it yourself. This might take me 30 minutes per month. If you wait until the end of the month it will take longer because you'll forget what you did at the start of the month. You need to keep up with it like anything else.
You can import records in bulk from online banking exports, though, which is what I do to get my transactions in the system, and if it sees a payee it's seen before then it'll automatically suggest a category. You do still have to approve every transaction, which I think is useful.
> Do you really not have 10 minutes per month to review your transaction history?
You're asking a loaded question here, with the intent of shaming people into giving dishonest answers.
The correct question to ask is: how many people carefully look through their credit card statements every single month?
My guess is that ~25% will say that they do and ~10% actually would catch inserted mistakes the first month.
To build successful products, you have to design for people as they are, not at as you think they should be in some ideal world where people are smarter, more virtuous, more rigorous, or have more time.
Whether I have 10 minutes (I do) is a very different question from whether I review each transaction carefully every month (I do not).
Also, IMO the 2nd part -- easy automatic unsubscription in one place -- is actually even more valuable. A few times I would actually notice a transaction, say I need to cancel this one before next month/quarter rolls over, and then forget about it :)
It takes me 10 minutes to figure out what amazon order resulted in 3 separate charges, none of the numbers ever being mentioned in my Amazon order history (just the sum).
> Just look at the list of your transactions and that's it.
Not if you have several cards through several servicers. I myself have eight servicers that I'd have to check. I only actively use four of them, though. I'm acutely aware of this complexity and have over time moved most recurring bills to a single card on a single servicer.
More importantly, (I think) a budget goes a long way in knowing where your money is going because you are telling it where to go. Setting up a monthly budget is key to managing your finances
So, I'm supposed to hand over my credit card to some unknown stranger and hope that they're good people? Holy privacy intrusion, Batman!
There's nothing on the website stating that they're not storing information. (They do list that they don't have access to certain info, such as credentials, but nothing discussing actual transaction data.) I would hope that sort of thing would be explicitly called out. There's also no mention of security audits or anything other than their use of 256-bit encryption for lots of stuff, which frankly I don't know whether is good or bad, enough or nowhere near that. Also, companies of this size go out of business or get acquired or whatever all the time... where's some assurance that my data will be purged when the company dissolves or gets bought out by WeSellYourData.com?
Color me somewhat skeptical.
On a related note, the fact that TheVerge talks about it as though "what an awesome service" without mentioning ANY sort of "oh and by the way they can see ALL YOUR DATA because they're TEXTING IT TO YOU BY GOLLY" makes me think the less of them, as well.
Like every shop, bar and website you've ever been to?
Colour me confused Robin!
You read http://www.asktrim.com/security, did you read the last paragraph where they say you can email them directly at security@asktrim.com, why don't you do that instead of over-reacting in the comments?
Lower friction as you are creating a process that works on multiple OS' without needing to download an app
Also, everyone largely keeps text message notifications on so it's easier to maintain communication compared to relying on the user enabling app notifications
You nailed it. It gives you 100% market penetration with one system, one UI, and then you can focus on the backend processing and workflows. It also doesn't require data or the like. If you throw in some phone number -> country processing, you can even make some best-guess localization/internationalization with pretty minimal effort.
I'm curious about how you can deal with security/authentication in these SMS APIs. In theory, sending spoofed SMS messages to Trim would let you cancel someone else's sbuscriptions.
There are a few tactics but first consider the odds:
- First, the target would have to be a subscriber to Trim so that's a small group.
- Then you'd have to cancel something they actually have so that further shrinks the group. (Netflix would be a likely candidate.)
- But then Trim could thwart most attacks with a simple "Are you sure? If so, respond with " + rand(0, 100) If Trim used a simple Y/N the attacker could spoof that easily.
Spoofing a message from another number is relatively easy. Catching Trim's responses is more effort and most attackers aren't going to go to that level of effort.
I think the reason text is increasing as a UI craze is the same reason email is making a resurgence. Lots of companies focused on social media and apps to connect with their users the last decade as those channels had unlimited promise.
But we've seen Facebook control the connection with your audience on that platform and start forcing you to buy ads if you want to communicate to a large percentage of them. In the same way, apps have matured a bit and those who might have made apps to get the instant notifications have seen users and or Apple control the push notifications more.
Since texting is usually reserved for people we know, having notifications via text means you'll read almost 100% of them, rather than turning them off. Focusing on text is a way of cutting through the noise.
I was a Netflix user but one day as I was looking at my credit card statement I saw I was charged twice three months in a row.
I called Netflix support and was told some excuse their computer had already billed me so their hands were tied.
Somehow with no interaction Netflix was able to sign me up for another account on my credit card not authorized by me. And they didn't seem the least bit worried and we're actually defensive or insulted.
I can't recall the end result but I think I was given a month free or something like that.
The support person was sorry I didn't want to stay with them I said you have no idea how I need up with two accounts! Why would I stay?
Anyway I guess this service wouldn't trim that duplicate account but it shows how easy we can lose control of our money.
May be useful at the enterprise level/in a work context. I will be honest and admit that as an executive at a startup, I often sign up for tools that I plan to later sunset but forget about / think "Well, I might use that next month." Totally different mindset than I might apply personally.
Mint can already look at your CC transactions if you connect the bank account to it. I wonder how come they've never done something similar. It wouldn't really cost them that much to maintain a database of subscription based services and do a text match to highlight them. Heck it can even be a category. You can of course do this manually, but they could automate it just as easily.
I subscribe to the Economist digital edition, and I recently noticed that I was being billed twice for my quarterly subscription.
It turned out, I had "two digital subscriptions" albeit ONE username and password.
The person kindly informed me this was going on for 3 years and could only refund me a year's worth after I protested how it was possible to have two digital subscriptions with the same Userid.
41 comments
[ 2.3 ms ] story [ 97.9 ms ] thread[1]: https://www.plaid.com/
[2]: http://www.asktrim.com/security
[0] http://www.asktrim.com/faq
Uh, really? Just look at the list of your transactions and that's it.
We all live on the shallow submarine.
Do you really not have 10 minutes per month to review your transaction history?
The service may be free, but(!) you have to hand over your financial info (to a random company) and credentials (to plaid/intuit). Protecting that information is worth a lot more to me than 10 minutes of my time.
Not to mention, reviewing one's monthly transaction one by one is a great opportunity to reflect one's spending habits and rein in superfluous purchases.
I've mostly decided it's not worth it, but every couple months I'll ask "how did we spend this much?!" and categorize everything only to discover it was my new ski gear all along and I'd just forgotten it.
> Do you really not have 10 minutes per month to review your transaction history?
You're asking a loaded question here, with the intent of shaming people into giving dishonest answers.
The correct question to ask is: how many people carefully look through their credit card statements every single month?
My guess is that ~25% will say that they do and ~10% actually would catch inserted mistakes the first month.
To build successful products, you have to design for people as they are, not at as you think they should be in some ideal world where people are smarter, more virtuous, more rigorous, or have more time.
Also, IMO the 2nd part -- easy automatic unsubscription in one place -- is actually even more valuable. A few times I would actually notice a transaction, say I need to cancel this one before next month/quarter rolls over, and then forget about it :)
Not if you have several cards through several servicers. I myself have eight servicers that I'd have to check. I only actively use four of them, though. I'm acutely aware of this complexity and have over time moved most recurring bills to a single card on a single servicer.
There's nothing on the website stating that they're not storing information. (They do list that they don't have access to certain info, such as credentials, but nothing discussing actual transaction data.) I would hope that sort of thing would be explicitly called out. There's also no mention of security audits or anything other than their use of 256-bit encryption for lots of stuff, which frankly I don't know whether is good or bad, enough or nowhere near that. Also, companies of this size go out of business or get acquired or whatever all the time... where's some assurance that my data will be purged when the company dissolves or gets bought out by WeSellYourData.com?
Color me somewhat skeptical.
On a related note, the fact that TheVerge talks about it as though "what an awesome service" without mentioning ANY sort of "oh and by the way they can see ALL YOUR DATA because they're TEXTING IT TO YOU BY GOLLY" makes me think the less of them, as well.
Colour me confused Robin!
You read http://www.asktrim.com/security, did you read the last paragraph where they say you can email them directly at security@asktrim.com, why don't you do that instead of over-reacting in the comments?
I've been wanting to use a service like this but here is my question.
Whats with the whole text message as a ui craze?
I don't get it / like it.
Especially for this app. The explanation I usually hear is its good for people who dont have smartphones or at least good ones.
But I think the overlap of the set of people with this problem and no smartphone are vanishingly small.
This is the kind of service I want an app/ website that I can analyze the data with and push notifications work for the text message case.
It's a next gen command line.
Also, everyone largely keeps text message notifications on so it's easier to maintain communication compared to relying on the user enabling app notifications
It's a simple but powerful approach.
~ Former Twilio evangelist, so biased :)
- First, the target would have to be a subscriber to Trim so that's a small group.
- Then you'd have to cancel something they actually have so that further shrinks the group. (Netflix would be a likely candidate.)
- But then Trim could thwart most attacks with a simple "Are you sure? If so, respond with " + rand(0, 100) If Trim used a simple Y/N the attacker could spoof that easily.
Spoofing a message from another number is relatively easy. Catching Trim's responses is more effort and most attackers aren't going to go to that level of effort.
But we've seen Facebook control the connection with your audience on that platform and start forcing you to buy ads if you want to communicate to a large percentage of them. In the same way, apps have matured a bit and those who might have made apps to get the instant notifications have seen users and or Apple control the push notifications more.
Since texting is usually reserved for people we know, having notifications via text means you'll read almost 100% of them, rather than turning them off. Focusing on text is a way of cutting through the noise.
I called Netflix support and was told some excuse their computer had already billed me so their hands were tied.
Somehow with no interaction Netflix was able to sign me up for another account on my credit card not authorized by me. And they didn't seem the least bit worried and we're actually defensive or insulted.
I can't recall the end result but I think I was given a month free or something like that.
The support person was sorry I didn't want to stay with them I said you have no idea how I need up with two accounts! Why would I stay?
Anyway I guess this service wouldn't trim that duplicate account but it shows how easy we can lose control of our money.
Just update your legitimate subscriptions with your new card number, keep careful notes, and wait to see who else out there starts squawking.
It turned out, I had "two digital subscriptions" albeit ONE username and password.
The person kindly informed me this was going on for 3 years and could only refund me a year's worth after I protested how it was possible to have two digital subscriptions with the same Userid.