IGG Developers' Blog

A chunk of sync update

Back in December, we announced we were working on a new sync solution for iBank. It has been in development for some time now and is coming along nicely. Though it’s not ready for release just yet, I wanted to touch base with everyone to talk about how sync is shaping up. But first some history.

Why are we doing this?

Our current sync solution was originally designed to sync from iBank for Mac to iBank Mobile on the iPhone using MobileMe. It was designed with the Mac serving as a hub for all of the iPhones that sync with it. We extended this model to support iPad and moved from MobileMe to webDAV when MobileMe was discontinued. Since that time we have been researching various replacement solutions. We looked at iCloud CoreData sync, but with the complexity of our model — including external file attachments and various schema differences between products — this option did not work for us. We looked at working with DropBox or other host file storage systems, but again, these did not meet our needs. It became apparent that to get what we wanted, we were going to have to build it.

There were two key goals that have driven the design of our new sync solution. The first is to be able to sync any combination of supported devices without needing iBank for Mac to act as the hub. This means you can sync between iBank running on an iPad and an iPhone, or two (or more) iPhones, or two (or more) iPads, all without needing iBank for Mac. (You can even sync two financial books on the same iPad, but I am not sure why you would want to.) Of course you can still include iBank for Mac in the mix. And, as part of this setup, we don’t want to require that any device be on and running iBank except the one actually doing the current sync.

The second goal is that syncing should be easy to set up and effortless to use. This means we don’t want customers to have to enter URLs, or set up accounts with third parties, or worry about router configurations. If you have Internet (specifically web) access from the device, then you can sync, period. This also means that you don’t need to be connected all the time to use your data, and when you reconnect, any changes that you made will sync.

There is a third, overarching requirement that we have for all our products and features: security. We want to make sure that your data is protected from bad guys, from good guys, and even from us.

So what did we do to reach these goals?

The first goal, to support any combination of devices with only the syncing device needing to be on, leads us to having a server to store the sync data that all devices can connect to at any time. This is because we have to hold the sync data somewhere. Furthermore, since our products can support multiple financial books or documents, the server will need to have support the syncing of different financial books to different devices.

The second goal also leads us to wanting to have an IGG server so that you don’t need to set up with third parties or enter URLs, as the webDAV solution requires. Also, the IGG server needs to be smart enough to handle incremental updates to the sync data.

This runs right into the third goal of security: we don’t want to see your data. To meet this requirement we are going to chunk and encrypt all the sync data on device with a random key. That key will be encrypted with a password that you provide. The result is that the sync server will only be dealing with chunks of encrypted data. We at IGG will have no way to see the actual data on any of our servers or in transit. When a new device is set up to sync with a financial book, you will enter the password that you originally provided for the encrypted key.

If that seems complicated, what will your experience be like?

We think this experience will be great.

When you decide that you want to share your existing iBank for Mac financial book with other devices, you just choose a new menu item “Share Financial Book…” from the file menu. This will bring up an assistant that will ask for your iBank ID (or you can set up a new iBank ID at this time). The assistant will then ask you for a name for the shared financial book, or it will default to the file’s current name. Finally the assistant will ask you to enter (and confirm) a passcode for the data encryption. After that the financial book will start uploading to the sync server.

When you go to your iPad and create a new financial book you will be asked if you want to create this from a shared financial book. When you say yes, you will be prompted for your iBank ID. Once that is entered you will get a list of shared financial books and you just select the financial book you want. You then enter your passcode for the sync encryption and the data will start to download. After that you should not need to do anything and the two (or more) local financial books will stay in sync.

What will happen to our current sync solution?

When we launch our new sync solution we will be sunsetting our old sync methods. This means that all products that support the old sync solution will continue to work. At some point after the launch of our new sync solution we will be slowly removing support for the old sync as we revise those products. I know that it will be a disappointment to some of you when we ultimately drop support for local Wi-Fi sync. However, at this time we just see one integrated host sync solution as the best way to meet the vast majority of customer needs.

How much will I have to pay for this fancy sync?

This sync solution has been very expensive to build and host. The hosting will also be an on going expense for IGG. However we think that the sync experience is so key to what our products offer, now and in the future, that we are offering sync for free: no monthly charge, no Direct Access subscription required. Just FREE.

Anyway I wanted to fill you in on where we are with sync and what it will look like. I hope that this gives you a better idea.

Thanks,
James

19 Responses to “A chunk of sync update”

  1. Judy Says:

    Please do not drop WiFi syncing. I much prefer keeping my financial data under my control and have LOVED iBank since first starting to use it in 2010. In these days of security concerns and issues, it is unbelievable that an organization would force people to give up the privilege of syncing their information the way they feel is the most secure. Why in the world would you do this? I left Quicken long ago because your product was far superior. Will I now have to look elsewhere–again–for a product that fits my needs? Just this morning, when syncing my data over wifi, I was thinking how wonderfully fast and accurately iBank works. What a disappointment to get this information just a few minutes later!

  2. Simon Says:

    I understand the concerns some might have for security, that said I do think most people are the architects of their own issues with security simply because they make misguided choices with passwords. I’m pleased to hear you are pushing forward with a more universally available sync, one that is present wherever you have Network connectivity.

    Looking forward to this being available and I do think it will add hugely to the benefits of using IGG Software

  3. Julian B Says:

    I currently sync iBank (v4 and v5) via Dropbox, and so long as I ruthlessly ensure the datafile is only ever open on one OSX machine all is fine.

    How will the new system cope with the possibility of the same datafile being open on 2 devices at the same time?

    And BTW, free is great news – well done and thank you!

  4. Elliot Says:

    At present, I sync between Mac, iPhone and iPad over local WiFi. My financial information is only stored on my devices and is only transmitted over my local network.

    Your post suggests that, in future versions of your products, such syncing will require my financial information (including account numbers, institutions, previous transactions, balances, etc.) to be sent over the Internet and stored on your servers, leaving my control. This will be encrypted before transmission and stored in encrypted form. However, the encryption key will also be stored on your servers, protected by a password.

    This means that the quality of the password chosen, your choice of encryption algorithm and its implementation become very important. It is unclear from your post how the data will be (securely) transmitted between devices and your servers, how you will control access to your servers or how you will manage and retain data. In addition, it does not clearly describe an ‘iBank ID’: is it a username and a (different) password?

    I am sure that you understand that people consider their financial information to be highly sensitive and that you are aware of the flaws found recently in widely used encryption software.

    I am very concerned about the storage of this data on your servers and the associated risks. For example, if a ‘bad guy’ gains access to users’ encrypted data and the associated password-protected encryption keys, attacks on the passwords could be tried offline.

    I have been a very happy user of iBank for Mac since 2008 and the related iOS apps since they were released. I have found these products to be very useful. However, if this becomes the only sync option available, I feel that I will also have to seek out alternative products.

  5. RJ Says:

    Hello iBank Team,
    I think it is great that you are planning to integrate a sync-any-to-ay solution with your server. But I also think it makes sense to keep in mind that a lot of people will not want to share their data – encrypted or not (we all know there is NO TOTALLY secure cloud service) – with someone else and BE DEPENDENT on the availability of their servers/service. The companies I consulted to use iBank and the companion app ALL demanded (rightfully) that their data stays within their LAN/server (otherwise they might as well use one of those online banking services, right?). So if you drop direct syncing – this software will no longer work for all those companies. You might say that eventually they might be forced to move to the cloud because there is no other option – well this might be (I doubt it), but why would they then use Iggsoftware, when there are so many other solutions out there.

  6. Marco Says:

    _Please don’t drop WiFi / WebDAV sync._
    Seriously, I like your work and all… But if you choose to force me away, I will leave.
    Given the current state of available alternatives, that will suck.

    Please refrain from making my life more complicate.

    iBank user since 2010.

  7. Bjoern B Says:

    I have to agree with the other statements that moving all my financial data to your servers is an absolute no go for me. I’m a Software Engineer, so I know that Software always has errors, so there is no way to guarantee that your server solution will be error free and that no one can get to all my financial data on your servers in the US. Especially with the recent history of the NSA even intercepting data from Google and other big companies, who have a lot more people working on those software solutions, I can’t trust you with my financial data, when those big companies can’t guarantee safety either.

    If this way of syncing is enforced, I will just have to stick with an old version of iBank or only use the Mac app and drop the iPad app, so that no syncing is required. I hope that you do realize that with that very expensive feature that you are offering for free, you will lose a lot of paying customers.

  8. Bill W Says:

    For me this is really good news. I flit between my iMac & MacBook (as well as iPhone & iPad) depending on where I am and the difficulties in keeping my accounts up to date has been very frustrating. I bought iBank 5, but have continued to use iBank 4 as it seems easier to keep iB 4 databases in sync via Dropbox. I understand why folk would want to keep local sync solutions, but for me this is a major step forward. Now if we could fix the bug with posted scheduled transactions I would be even happier!

  9. Randall Phillips Says:

    Thank you for this update on your synching solution for iBank. I’ll share what I like and how I feel about the security concerns voiced by others.

    I have used iBank for iPhone to sync with my Mac since both were introduced. In the MobileMe days, I liked that I could hit the sync button on my phone at any time and send my transactions off the server at any time. What I did not like was not having any transactions that may be in my Mac file if they had been entered but the sync button not hit. The Mac as the hub was a minor annoyance. Your proposed solution gives me back the ability to sync anywhere, anytime and adds the ability to have each sync bring my device completely up to date with all transactions entered on any other device. I like this very much.

    As for security, I understand the concerns expressed in other comments. I view storing data on your server as a reasonable risk to take. My thinking is that I do not have information stored in my file which would be of use to others. I do not have account numbers or passwords in the file. Nor do I have my name or address in the file. I understand that those who use Direct Access cannot have this level of anonymity.

    One question I have on your new sync solution is on the issue of multiple Macs. I have an iMac and a MacBook Air. Right now I use iBank only on the desktop. Will the new solution keep two Mac versions in sync?

    Thank you for the continued development, keeping us in the loop, and for the opportunity to comment.

  10. Bruce Says:

    This is awesome!! This is the one feature i missed using Quicken. We’ll be able to sync anytime, anywhere!
    This is great especially when two people are updating data from two different devices at the same time. Both parties are up to date — real time!

  11. Jan Loope Says:

    Great news! If there is a way to sync now, will someone let me know???

  12. PF Says:

    Sounds interesting but lacking in details on the security and encryption.
    Are you using public key encryption ? Where is the encryption taking place ?

    Who or what generates the key and why would you need a password to protect the key if the key doesnt leave the local machines ?

    Is the link to your server encrypted ?

    Many unanswered questions and with your prior shaky history of having many many basic bugs its hard to trust your encryption scheme.

  13. ian Says:

    @Randall, yes you can sync multiple Macs with this solution.

    @PF Encryption always takes place on the local device. We use a DEK and KEK pattern, not public key. Your private key is encrypted with your password and a salt. The connection to our server is over SSL.

  14. Valentin Says:

    As much as I waited for the description of the sync solution as much I feared it will be exactly what you had just described – a hosted proprietary storage. That and the sunsetting of other methods of sync. I consider my financial data to be truly private and personal. Meaning no distrust but there are very few people, and even less – organizations, to whom I allow to see this data.

    I can understand that there are technical requirements that can be unique to iBank that prevents you from allowing my storage of choice to be used directly.
    The only suggestion I have is to make your sync service application:
    a) portable to my server of choice where I control and check access as well as backup, where compromise of my or others setup will not mean potential breach for others,
    b) make it open source for community to trust and validate.

  15. Doug Says:

    PLEASE leave the option for local WiFi sync as a permanent alternative, even if it requires the two apps and books to be open during the sync process. Many of us are not comfortable with our financial information being on a 3rd party server, out of our control.

  16. Thann Says:

    I also agree, local wifi sync is a must in this type of software. When Wifi local sync goes, so does this customer.

  17. Fergus Says:

    I’m pleased that you are incorporating a more sophisticated approach to syncing than the existing and unfortunately quite flaky Wi-Fi based approach. The steps you are taking to allow the user to control the encryption key is satisfactory from my perspective as a retired Software Engineer. As far as the NSA and all other government and non-government hackers are concerned — if they want to crack the encryption on my personal banking data stored on the IGG servers all the power to them. However, they would be further ahead just hacking all of the servers of the primary financial providers in NorthAmerica directly. Come to think of it — maybe they do!

    Tongue in cheek aside – I look forward to seeing this much need enhancement.

  18. Paul Says:

    I’m glad to hear of this addition to iBank. I’ve held off switching from another program because I want something that can sync as iBank will. Can you say if this new feature will come as a free update, or will there be a new paid release? If it’s the former, then I’ll go ahead and switch now, but (since my current program gets the job done) if it’s the latter then I’ll wait to hop on board.

  19. Julian Says:

    One more vote for WiFi-sync. I like the idea of “it just works” which is probably easiest to achieve in the way you described. Nonetheless this information is really private and I’d appreciate to have all the data under my control.

Leave a Reply