TEXT OF INTERVIEW:
TESS VIGELAND: Alright confession time. I occasionally go online to check my bank and credit card accounts at work. Probably not the best use of my time, but you know I'd be faster at it if things were simpler. Well a company called Yodlee claims they're got a solution. Bob Sullivan covers technology at MSNBC. Bob what's the dealee with Yodlee?
BOB SULLIVAN: Yodlee is an aggregator. They want to give you one Web site where you can look at all your accounts. Log in only once. Transfer money around and move money around and basically simplify your online financial existence.
VIGELAND: Well, let's talk about that a little bit. Frankly it sounds like a great idea. I would love to be able to go to one Web site that has all my airline mileage numbers. And it has all my bank accounts and credit cards, but I suppose in the era of identity theft there are a myriad of concerns here.
SULLIVAN: Yes, the obvious concern is it would also be a much simpler way for a criminal to steal from all of your accounts. There are pluses and minuses here. For the most part everybody uses the same user name and password at all Web site even though we tell them not to. Because who can remember all of those names?
VIGELAND: Exactly. I have to tell you I'm one of those people who literally rolls her eyes every time I'm prompted to like I have to come up with some new password.
SULLIVAN: Yeah, it's crazy. And so criminals know if they break into Joe's Tackle Web site and they get some good user names and logins the first thing they do is then they go to Amazon and Bank of America and Citibank. So it's not too dissimilar from having a Web site where all of this stuff is together. And I have to tell you, right now while Yodlee's computers themselves may be safe from hacking, or maybe largely safe as they say they are. The point of weakness is and has always been the user who might divulge their identity in some way and hand over the keys to a criminal through a phishing attack and thereby without even breaking into Yodlee's computers a criminal could access accounts belonging to a consumer.
VIGELAND: So it's not just hackers but you inadvertently somewhere leave your password and your logon name and uh oh.
SULLIVAN: That's right. And again now you've got a criminal who can see a dashboard of all of your accounts.
VIGELAND: So is there any other solution here? I mean would it be possible to design some sort of holding pen for all this information or are we all just going to have to buckle down and remember everything?
SULLIVAN: Well the solution might be to improve our memories. We've been doing this Internet thing for more than 10 years now and for the most part we're still just using usernames and passwords which seems crazy. Several online banks are staring to finally add a couple of additional layers of what we call authentication. Bank of America for example just introduced something called site key, which has a couple of steps. The first one is there's a picture on their home page that you pick when you go to the site. And that makes sure that you're at the real Bank of America site and not a fake one. If you go to ING Direct now you have to enter a PIN number and you have to enter it with your mouse not your keyboard. So even if you have a Trojan horse that watches your keystrokes on your computer, criminals can't steal your information. So there are new steps that are being taken. And I think consumers so far have been receptive because they realize something has to be done and I think that will eventually get us to a safer Internet.
VIGELAND: Will you be using Yodlee?
SULLIVAN: I won't. I don't feel comfortable with putting all those things in one place. And by the way I should mention that Yodlee has been around for quite a while. What's really new here is they're making a big push into the more public consumer space. So we'll see how that goes.
VIGELAND: Bob Sullivan of MSNBC and also the author of the book "Your Evil Twin Behind the Identity Theft Epidemic." Thanks for helping us sort this all out.
SULLIVAN: Sure, anytime.