We're in the same position that your current bank is in when it comes to fraud and theft: we're insured for it, and we follow industry-standard practices when something bad happens.
Most likely, what would happen is:
1. You realize that your account has been compromised.
2. You call us up.
3. We investigate your claims with our partners.
4. You get reimbursed.
5. If there was a security flaw on our side that we can fix to prevent this from happening in the future, we do so.
We have a comprehensive security review process and participate in internal and external (third-party) security audits. We're also taking steps to make it more difficult for attackers to compromise your account through multi-factor authentication and other mechanisms.
If you have any other questions about our security practices, please contact us: hello@simple.com or security@simple.com.
So when you say you aren't a bank, you really do follow many standard banking industry practices (at least in terms of security/insurance).
I think it is important that you show this when advertising a service like this to possible customers.
I appreciate the importance of keeping the pitch simple, but for me, I act a little more cautiously with my money than I would signing up for a new social network or something of that nature.
I want to be able to read all of the fine print and know exactly what recourse/assurance I have, before I fill out an application. Having it spelled out somewhere is important. Perhaps I simply couldn't find that part of the site, (but even if that is the case), any security guarantees might be worth putting front and center.
We're in the same position that your current bank is in when it comes to fraud and theft: we're insured for it, and we follow industry-standard practices when something bad happens.
Most likely, what would happen is:
1. You realize that your account has been compromised. 2. You call us up. 3. We investigate your claims with our partners. 4. You get reimbursed. 5. If there was a security flaw on our side that we can fix to prevent this from happening in the future, we do so.
We have a comprehensive security review process and participate in internal and external (third-party) security audits. We're also taking steps to make it more difficult for attackers to compromise your account through multi-factor authentication and other mechanisms.
If you have any other questions about our security practices, please contact us: hello@simple.com or security@simple.com.