I just noticed Sentry's new payment method. They want your bank sign in information, you're bank sign in name and password. No way am I giving anyone that information. I have never seen another site ask for this information. Other MSC have asked for bank account number and routing number, but never your bank log in information.

Edited 1 time(s). Last edit at 01/23/2019 07:11PM by johnb974.

I recently got this when I went to open a bank account online. They wouldn’t take routing and acct info, only a login. It was strange.

@1cent wrote:

I recently got this when I went to open a bank account online. They wouldn’t take routing and acct info, only a login. It was strange.

I got this response from them "We are not asking for your login information, this is not saved. It's a common way to verify a bank account for direct deposit. "...that makes no sense. They're not asking for it, but they're not saving it? If you're not asking for the account information, how can you say you don't save it?

I’ve never done that with an MSC, but I have seen that done before to verify an account. I think PayPal has this as an option to verify your account instantly, instead of the older method of making a deposit and withdrawal of small amounts.

I’m not saying I would trust this from an msc, but it may be legit.

I would never trust any site asking for my account log in information.

Neither would I, John!!!

They give you the option of using Micro Banking. Asking for my log in information on my bank account is a big NO to doing any work for them. I don't care about any second option.

Send them an email asking for the companies bank account information so that you do not have to wait to get paid or reimbursed. I will only take what is owed me. Think they will go for that?

I did a similar thing when MF wouldn't accept my EIN and insisted on having my SS#. Told them I would give them my SS# as soon as they provided me with the names,home addresses, SS# and DOB of each of their top officers. They refused.

Edited 2 time(s). Last edit at 01/24/2019 01:42AM by bestofbothworlds.

I received an email from Sentry as well. I just needed to reconfirm my bank account by advising them of the amount of two deposits I received. I think they are just switching the company they use to process payments. They did not ask for my bank password and like others here I wouldn't have supplied it.

I have never shopped for Sentry, but signed up with their new system anyhow.... They had two ways to set up your direct deposit.... One was the "slow" way like what @COMystery describes. The other involved using your banking login information - which set up direct deposit instantly. I did the instant route - I read the disclaimers and decided I was not concerned.

@MFJohnston wrote:

I have never shopped for Sentry, but signed up with their new system anyhow.... They had two ways to set up your direct deposit.... One was the "slow" way like what @COMystery describes. The other involved using your banking login information - which set up direct deposit instantly. I did the instant route - I read the disclaimers and decided I was not concerned.

I would never give out my log in information to anyone at the company. You don't know who has access to that information. If money goes missing from your bank account, the bank will ask if you gave out your log in information. If you have, the bank is not required to return your money. You gave away your log in information, they are not responsible.

I give these companies my SSN, name, address, birth date, etc. They already have everything they would need to access *all* my bank accounts and more if something nefarious was going on. Giving them my login information to one mystery shopping account does not further open me up. Moreover, both Sentry and Plaid are established companies with good reputations. Moreover, I read about how my login information is being used and deleted. I am not concerned.

It is your right to not sign up if that's what's best for you.

@johnb974 wrote:

@MFJohnston wrote:

I have never shopped for Sentry, but signed up with their new system anyhow.... They had two ways to set up your direct deposit.... One was the "slow" way like what @COMystery describes. The other involved using your banking login information - which set up direct deposit instantly. I did the instant route - I read the disclaimers and decided I was not concerned.

I would never give out my log in information to anyone at the company. You don't know who has access to that information. If money goes missing from your bank account, the bank will ask if you gave out your log in information. If you have, the bank is not required to return your money. You gave away your log in information, they are not responsible.

Edited 1 time(s). Last edit at 01/24/2019 05:51PM by MFJohnston.

Again, you don't know who has access to that information. Giving them your Social Security number does not give them access to your bank account, only your log in information does that. If doesn't matter if it's an honest company, they do hire bad employees.

@MFJohnston wrote:

I have never shopped for Sentry, but signed up with their new system anyhow.... They had two ways to set up your direct deposit.... One was the "slow" way like what @COMystery describes. The other involved using your banking login information - which set up direct deposit instantly. I did the instant route - I read the disclaimers and decided I was not concerned.

After Sentry confirms your bank info, I suggest you then change your password at the bank. Can’t hurt and might preclude any unwanted activity.

The feature the OP is referring to is called Instant Account Verification (IAV). This is an alternative to using micro-deposits to verify bank account. IAV is a safe and secure method of account verification and the user's login credentials are NOT stored or saved in any way.

IAV is implemented in literally thousands of software platforms that are used by millions of people each day.

I agree with changing your log in information, but the company shouldn't need direct access to your account to begin with. They should only need your routing and account numbers.

And, as I stated in my first post, you have that option. The system to which you refer is an option, if you want to establish direct deposit instantly. The other method takes a couple of days.

@johnb974 wrote:

I agree with changing your log in information, but the company shouldn't need direct access to your account to begin with. They should only need your routing and account numbers.

Again, they should only need your routing and account numbers to deposit to your account. No need for direct access. There's a reason banks tell you to keep your log on information secret and not share it with anyone else.

@johnb974

I would urge you to do some research on Instant Account Verification. I believe doing so will assuage your concerns. When you login to your bank accounts using IAV, your user id and password {{are not stored in any place}}.

IAV is a safe and secure method to verify bank accounts.

@johnb974 wrote:

Again, they should only need your routing and account numbers to deposit to your account. No need for direct access. There's a reason banks tell you to keep your log on information secret and not share it with anyone else.

It really doesn't matter if it's not stored, somewhere along the line others will see it. You don't reveal your bank log on information to anyone.

Respectfully, @johnb974, your statement that others will see it is not factually correct.

@johnb974 wrote:

It really doesn't matter if it's not stored, somewhere along the line others will see it. You don't reveal your bank log on information to anyone.

@Sentry Marketing wrote:

Respectfully, @johnb974, your statement that others will see it is not factually correct.

@johnb974 wrote:

It really doesn't matter if it's not stored, somewhere along the line others will see it. You don't reveal your bank log on information to anyone.

OH PLEASE, someone has to see it to confirm it.

I don't think anyone will see it. It's processed by an independent system. Similar to when you swipe a credit card. It's probably safer than having your routing information sitting in the company's database.

I understand the discomfort. It *feels* different.

@johnb974 wrote:

OH PLEASE, someone has to see it to confirm it.

@johnb974
I did it. It was instant and automated. No human on the other end was involved. No human saw my login information.

Who has to see it? I was gathering it is instant computer verification, if encrypted no problem. I think!

You can do it if you want to. I would never give out my log on information. Way too risky.

FYI - no banking information is stored on our site regardless of the verification method used.

@1cent wrote:

I don't think anyone will see it. It's processed by an independent system. Similar to when you swipe a credit card. It's probably safer than having your routing information sitting in the company's database.

I understand the discomfort. It *feels* different.

@johnb974 wrote:

OH PLEASE, someone has to see it to confirm it.

I did some research on IAV, including an email exchange with a close personal friend who is the head of IT security for a major US airline.

Here’s what I found:

1. IAV is, at its core, a money-saving device for the organization requesting your bank login name and password. It works instantly, unlike micro-deposits, which require the organization’s employees or contractors to physically make the deposit and do the verification.

2. For a large organization, like a stock trading company or a major financial firm, using IAV is generally safe.
HOWEVER: Information that is encrypted can likewise be decrypted by an online hacker. Large organizations employ IT security professionals to prevent this; a mystery shopping company with a few employees most likely does not.

If you are sending your full and complete bank login information to an organization, there most certainly IS an electronic signature of your information present within the organization’s system. It IS “stored,” albeit encrypted. But encrypted data can be accessed hacked, as stated earlier.

3. Allowing access to your bank via a release of your login ID and password is problematic for the following reasons:

A. It potentially allows access to multiple accounts (savings, checking, etc.) - unlike a traditional routing number/account number setup, which pinpoints one account.

B. In a worst-case scenario, the information could be decrypted and your password changed by the organization requesting the login information. Not only could you be locked out, but by releasing your login information to a third party you could be surrendering your right to recover funds lost in a hacking event.

C. If you read the disclosure information closely on the IAV, it will generally include a release of responsibility. Briefly, you are giving up your rights to recover funds lost in a theft. Read the “fine print” carefully.

SHORT VERSION: The IAV will save Sentry Marketing money and time, but provides little benefit to you. There are significant risks involved in the process, especially with a small organization. Not recommended.

Edited x2 for spelling and clarity.

Edited 2 time(s). Last edit at 01/28/2019 02:55PM by ColoKate63.

Thank you for your research. This is why I keep saying, NEVER give out your log in information to anyone.