This looks fantastic! I've used Mint to track my expenses and this looks way better (especially the course correction concept.) The biggest issue that comes up when entering financial data into something like this is how is the data stored and what security measures are in place? If my financial data was leaked, I know that hackers could use that to get access to my bank accounts.
Please don't take this personally, but reading through your blog post, you mentioned that you had limited DevOps experience that makes me a bit scared that regular security updates and security practices may not be something that you were thinking about when the app was being developed.
I'm going to signup and play with it regardless, but it would be really difficult to put my actual financial data in the app.
Question: Is security of user data something you have thought of? Do you plan to hire someone that is security minded if the app does well?
This is a great point and a valid question and I'm glad you brought it up. I wrote up a Privacy Policy (https://lunchmoney.cc/privacy) to address some concerns users might have about their data and how it's handled. In terms of connecting your bank accounts, all of Lunch Money's interactions with your bank is through a third-party service called Plaid which is also used by many other financial apps on the market. They've written up a few white papers on their security. That being said, I only have read-access and don't do any sort of interaction with your bank (i.e. depositing some funds and having your verify it). No personal information is pulled either.
The DevOps stuff in my blog post was more referring to stuff like CI, deploy infrastructure, and other behind-the-scene workflows. I've previously worked for 3.5 years mostly as a back-end software engineer at Twitter and was the founding engineer of a YC Fellowship &500-backed pet health start-up handling thousands of pet medical records, so I've gained a lot of experience when it comes to keep things secure.
All that being said, security and user data is really important and not something I take lightly at all. I hear this feedback a lot and am continuously thinking of ways to put my user's minds at ease. If you have any ideas or want to talk about it more, I'm always open to chatting.
Please don't take this personally, but reading through your blog post, you mentioned that you had limited DevOps experience that makes me a bit scared that regular security updates and security practices may not be something that you were thinking about when the app was being developed.
I'm going to signup and play with it regardless, but it would be really difficult to put my actual financial data in the app.
Question: Is security of user data something you have thought of? Do you plan to hire someone that is security minded if the app does well?