Hey, I realized I misread your original comment and I wanted to address the points you're making.
There isn't any writeup on the security for how it works other than my privacy policy (https://lunchmoney.cc/privacy) which touches on those points at a high level. We're just getting started and are therefore mostly focused on product validation and market fit so we haven't done any heavy security detailing such as external auditing. All that being said, I get this feedback a lot. Security and user data is really important and not something we take lightly at all and is something we will be continuously thinking about throughout the course of our journey.
If you have any ideas or want to talk about it more, I'm always open to chatting. jen@lunchbag.dev
Hi there, thanks for the feedback! For specifics on security around connecting to your bank, I would actually defer to the third-party service that Lunch Money and many other financial apps use: Plaid (https://plaid.com). Here's a good place to start: https://plaid.com/security/
