I am surprised to see that a tool that claims bank level security has these test accounts enabled on the Canadian production website.<p>How can users trust that the bank login information they are filling in for a specific bank account is actually being redirected to a real bank or some test account under the hood? I know there is no way end users can ensure that but this is pure negligence on Mint's part in my opinion.<p>Screenshot: https://imgur.com/a/QGlrsBJ
Banks should have a read only api available to access your account for financial apps like this.<p>I just can't understand giving your full user/pass for financial accounts to a 3rd party.
It's sloppy, but why is redirection a concern? If there's an issue that redirects login information to a test account, it could just as easily be redirected to any other account (test or not).