As I write this, I’m uploading a fully encrypted copy of my personal iBank document to our new iBank Cloud Sync server. The initial upload takes a few minutes, but subsequent updates are very fast. I’m going to devote this entire blog post to our new cloud-based sync solution. Specifically, I want to talk about where we are with development, some details of the implementation, the release timeframe and most important, security, in terms of implementation and user experience.
Development Status
We hit a major milestone this week: we have all data syncing on both Mac and iOS. That means you could push a full copy of your data on your Mac and pull down a full copy to a document on another Mac, or on your iPad or iPhone. I want to be clear too: this isn’t some baby sync, like sharing a file via Dropbox, which is prone to data overwrite errors. This is a full, cloud-based sync solution with end-to-end encryption for any number of devices. If you can’t tell, I’m really excited to get this in the hands of our customers. The user experience is unparalleled.
For the rest of the development process we need to continue to test internally and uncover as many of the sneaky sync bugs as possible. I’m sure there are some in there, because sync is really hard. We’ve been developing this for over a year and we are now seeing the light at the end of the tunnel. As we continue to fix bugs we also need to finish putting in some of the polish and management utilities, like being able to rename a document on the server, delete documents from the server, reset data on the server with local data, etc.
Release
Once we’ve finished our internal testing and have the few remaining supporting components in place, we will introduce this feature in free updates to iBank for Mac, iPhone and iPad. The new iBank Cloud Sync will first be rolled out as a beta. It will likely remain in beta until the current sync solution is finally removed in a future release, sometime next year. Our goal is to release iBank Cloud Sync as a beta by the end of the year.
Security
This is the most important topic of this blog post. We take security and privacy very seriously at IGG. When we first discussed implementing iBank Cloud Sync, the first question was how to do it securely. So what I want to describe next is what happens to your data, with some heavy security vocabulary for those that are interested. Before I get into the nitty gritty of what happens with the syncing, I want to let users know our Cloud Sync will be rolled out on a brand new server. We implemented this new server setup because we wanted to have a secure backend serving up the data. I don’t want to go into the details of the server setup, but we are having it tested by a third-party security firm, as we’ve done with our other services in the past. An independent audit is a critical step in making sure our servers are secure.
Now let’s talk about what happens during sync. The first thing you will do is choose to push your document to the Cloud Sync server. To do this, you will need a free iBank ID. You will then be asked to name the document as it will appear on the server. However, before iBank uploads anything from your document, it encrypts it. That means no unencrypted data ever makes it to our server. Some companies choose to encrypt the data when it lands on the server, but this did not seem secure enough, so we implemented device-based, end-to-end encryption. First we generate a cypher and use that to encrypt the actual data, we then use a customer supplied password to encrypt the cypher. Only the encrypted cypher is stored on our server. We use the maximum level of encryption natively available on iOS 8, which is AES 128.
Here is a list of the data types that are actually sent to the server:
– Accounts, categories, account groups and smart accounts
– Account connectivity info (e.g. Direct Access and OFX settings, but not passwords)
– Transactions (but not attachments), transaction templates, scheduled transactions and import rules
– Budgets and reports
Here is a screenshot of part of the setup process for sending an iBank document to the Cloud Sync Server for the first time (screenshot is NOT final):
Once all of that data is uploaded to the iBank Cloud Sync server, it can be accessed from either iBank for Mac, iPhone or iPad, or any combination thereof. To pull this data down onto a new device you’ll create a new document that is linked/synced to a Cloud Document. When you login with your iBank ID you’ll be shown a list of all of your cloud documents that are available for syncing. After you choose one, you’ll need to enter the same document key to decrypt the data. If you forget that key/password, you won’t be able to decrypt and see your data. No one at IGG will be able to help you recover this key, because it is yours and yours alone. You will be able to delete the cloud document from the server and start fresh by uploading a new document.
Bringing Cloud Sync to the iBank family of products is major advancement. It makes it easier than ever to have all of your data up-to-date on any device. It also “frees” you from having the Mac be the central hub of your finances. For those that have gone iOS-only, you’ll be able to sync just your iPads and iPhones. One other “side-effect” is that you will also always have a backup of their data. We are really looking forward to getting this exciting technology in your hands.
-Ian
- Banktivity 9.5 and Monthly Subscriptions - October 18, 2024
- Coming soon: Banktivity 9.5 - July 19, 2024
- Continuing Investments in Direct Access - February 26, 2024
Extremely stoked for this, thanks 🙂
Hopefully this is the ‘real deal’ as the current sync solution is completely broken for me running iBank for iPhone 2.1 and iBank 5.2. Just an infinite ‘waiting for sync data’ on my iPhone.
However, I’m skeptical given the nature of several recent ‘updates’ that, for all intents and purposes, are a big step back compared to the previous versions.
I’m extremely disappointed that this blog post fails to acknowledge the loud and clear feedback you received in response to your June blog post, from those of us who don’t want *any* of our financial data on any “cloud” server for any reason whatsoever.
By all means, add cloud sync as an *option* for those who want it. But please don’t remove the existing wi-fi sync option that many of your customers depend upon and expect to continue using.
I really think keeping the WiFi syncing is critical. I also do not want to use a cloud solution controlled by any company that is specifically managed by a company that is supporting financial software. If I were to elect to put my financial data on a cloud it would be one that has a wide range of data – not just financial data.
I agree with Peter above, iBank has been regressing each time something new comes out. I fail to see any improvement in iBank5 over iBank4 that is of any value to me.
I am afraid this change will be the final straw and force me to figure out how to switch to another solution.
By the way, there is no mention of how this cloud service will be priced.
I have to agree with Spade and so from now on, I have to make sure that I keep a backup of the current iBank for Mac app, so that I can go back and not update anymore, once you force this change in. My financial data will not be transferred to a server anywhere, I don’t care if you encrypt it three times and write it all in reverse, my data is mine and will stay on machines controlled by me.
Since you clearly don’t care about the people that don’t want Cloud sync, it’s a good time now, to start looking for a different app and spend my money there.
My major concern is data integrity , i have used other cloud (apple pre iCloud drive) synched products which have inevitably thrashed my data (i.e. lost records, duplicated records) . These programs were data archives which I could easily rebuild fro original folders on my Mac. I am carrying 3 years with of Ibank financial data and I would be horrified if this was corrupted. Whilst I am supportive of a Cloud solution I agree that the product should retain the WIFI component if that makes the customer feel safer be it security or data integrity.
I have had many problems syncing data between my Macbook Pro and my iPhone so am looking forward to CloudSync being a solution to my difficulties. I have no concerns about entrusting my data to your Server and will not regret the passing of the Wifi method of syncing. Please bring in the new system as soon as possible.
Assuming the new sync solution lives up to expectations, does this mean I will finally be able to open my iBank document on my iMac, then later open/edit it on my Macbook? Are there any caveats with Mac-to-Mac sync?
@Kent
For Mac-to-Mac syncing we sync everything but file transaction attachments.
@Steve — Cloud Sync is free
The cloud sync should be an option in addition to wifi and webdav syncing.
Great news. Really looking forward to this as WiFi syncing feels so clunky in this day and age.
Thank you for this update. I look forward to this syncing capability you are adding. I have had a Mac based program synced to a mobile device since the days when I synced Quicken on my Palm Pilot to Quicken on my Mac. The most convenient solution in recent times was iBank Mobile syncing via MobileMe to iBank Mac. The process you describe looks even better.
A number of comments lay out concerns over security. While understandable, I don’t know whether they represent the majority of users. I was willing to accept the risk during the days of MobileMe syncing, and I am willing to do so again to gain the convenience of syncing across devices.
Two responses from Ian, none of which even acknowledge all of the concerned feedback regarding the removal of wi-fi sync?
It doesn’t seem like it should be that difficult to say something like “We’re still considering how to keep wi-fi sync as an option, stay tuned” or “Yes, we are definitely killing wi-fi sync with our next release”, so we at least know where we stand.
@ Ian : “For Mac-to-Mac syncing we sync everything but file transaction attachments.”
Why not ?
Too much data. Some customers have gigs and gigs of attachments.
I wanted to take a moment to comment on why our older sync will eventually be going away. If this interests you…please read on.
We have a lot of customers, and a few of them (<1%) have asked why we won't continue to offer our older wi-fi sync alongside our new Cloud Sync. The primary reason is that we want to provide the best sync solution possible. At one point, that solution was wi-fi sync, but that model is antiquated. One problem is that it is centered on the Mac being the hub. This limitation prevents users from solely using our iOS products, or if they are syncing more than one device it forces them to be near their Mac anytime they want to get changes from a device. There are also issues surrounding wi-fi itself. For example, several networks disable Bonjour discovery altogether so customers just can't sync. We've found this often to be the case at cafes and hotels and even some home networks. Another issue with wi-fi sync is Apple's frequent changing of their Bonjour and networking code. With each major OS release there are usually significant changes which we need to adapt to, and that gets increasingly difficult to do if you support anything but the latest OS.
There are also some pragmatic reasons to move to a new sync model. The resource demands to maintain two different sets of sync code squeeze resources from other areas of the app, like new features and bug fixes. It also means twice the testing, explaining two differences to the users, displaying the differences to users in the UI, updating the documentation, and troubleshooting two different sets of sync code. I appreciate hearing from the users that don't want their encrypted data on a server. And we anticipated some people would not like our new Cloud Sync. However, I truly hope they will be willing to consider the benefits of our new sync solution and reconsider. As I've mentioned before, we aren't turning off the old wi-fi sync right now. It will continue to exist side-by-side with the new Cloud Sync for a while. I also want to point out that we are not mandating people use this Cloud Sync; people can still decide to do their finances on a device without using any sort of sync solution. Many of our competitors force their users to keep all of their data in the cloud; we aren't taking that path.
Syncing, while the concept is easy, is extremely hard to do. The majority of our customers want something that is easy to use, makes their data available anytime they want it, and just works. This is the end of goal of what we are delivering.
I don’t think I saw this addressed, so sorry if I’m repeating something already asked and answered.
Will the iCloud sync be available for customers who purchased directly from IGG Software, or only if iBank was purchased through the App Store?
Just to be clear, it won’t use Apple’s “iCloud”, it is our own Cloud Sync solution which requires a free iBank ID. Given that, it will be available in purchases from the Mac App Store and from our own IGG store.
Ian
Your response about discontinuing WiFi syncing is not very satisfying. It is extremely easy to mislead with statistics. Saying that less than 1% of customers have asked why don’t you offer both methods of syncing is at best misleading. Certainly if I look at this blog, a very high percentage are asking for it. I would guess that a very small percentage of your total customer base has said anything at all. Further I would guess a fairly high percentage do not sync and will not sync. If we were to assume that 2% of customers have responded on this issue, your numbers would suggest the percentage that wants to retain WiFi syncing is approaching 50%.
I have long felt that the biggest weakness of iBank is its failure to provide user options as to how to do and display things. Clearly all users use your products in different ways. Some value your graphics very highly, some value the budget aspects highly and others value the data collection aspects of iBank the most. Each of us view things differently, but which ever view we regard as the most important, dictates how we want certain features treated. iBank does not give us those options.
Initially I was in the camp of not in favor of syncing to another server that could get hacked and information stolen. I would have loved to have a solution that allowed my iPhone & iPad to stay synchronized while on a business trip or personal trip. I think that the days of notebook computers are numbered and thus believe that the desktop, tablet, & phone model will proliferate throughout the world. From what is explained I believe that the precautions are being taken that the keys to the encryption will never be on the servers and thus would be harder to decrypt the data if it was stolen.
Another issue with the Cloud Sync option would be to ensure that synchronization is available at all times. It would be a really poor solution if you would not be able to synchronize you data just because of maintenance. I am certain that you guys have looked at the best way to accomplish this. You care correct, synchronization is one of the most complex data operations that you can attempt. File synchronization is rather easy.
@Ian — Thanks for the clarification that this is not syncing through iCloud. That said, my confidence in the offering wavers a bit. I understand the commentary of others with respect to any security of any data on any cloud service. With a generic choice of webdav server, any of us could choose to store our data anywhere so long as the service was reachable. Locking into one provider’s service — especially when that service doesn’t appear to be their key product offering — is a risk.
And, I get that moving to the CloudKit model is a risk. You have a large installed base that didn’t purchase through the App Store. If the Apple policies prohibit non-App Store purchases from accessing CloudKit, you’re stuck. It would be nice if there was a way to sell an add-on module that licensed that access, but that doesn’t seem to be in Apple’s best interest.
Beyond security, my biggest problem is maintenance. As a developer/manager, I know how much time goes into supporting any new feature. A new protocol or a new storage model is often a level of complexity higher. Unfortunately, you don’t get the benefits of a larger community (or paid staff) evolving the offering, improving performance, and fixing bugs.
I believe most people are willing to trust cloud services, especially for synchronization, when reputable and well established companies (such as IGG) are willing to provide security details (see the wildly successful 1Password, for example). IGG has not disclosed as many security details as AgileBits has with 1Password, but it sounds like they’re certainly on the right track with keeping data secure and private.
To contribute to the voice of what is likely the vast but silent majority of people: WiFi syncing is useless to me – it’s slow and requires far more time and effort than I’m willing to put in daily. I’ve been holding out on buying iBank for iOS until cloud synchronization is an option. IGG is certainly on the right track by moving to a cloud solution, and I plan to purchase the iOS version as soon as syncing is available.
As a developer, I think Ian very well addressed the reasons why WiFi syncing needs to eventually go away – it’s a waste of resources for what is likely a vast minority of users who don’t trust the cloud. When Apple switched to Intel from PowerPC, they didn’t keep offering PowerPC alternatives – sometimes you have to leave the old behind to best move forward.
Keep up the great work, guys! I’ve been waiting for this a long time (and nearly switched to competitors to gain cloud syncing) – sounds like it was worth the wait!
If iBank is going to a cloud based sync only then it’s time for me to look for another product. I do not want my data on any server other than my own.
Also, 1Password gives you a choice and allows for WiFi sync. Agilebits does not store your data on it’s servers.
I agree with Andy, cloud sync only means you loose a customer.
(I also use 1Password, and have switched off cloud syncing)
Thanks for the clarification Ian but, sadly, it is a no-go for me as well.
The people who voice concerns here may be a minority. However I would say we are “power user” minority who use and know iBank to the most extent. And care for it.
I see no technical reason not to engineer or license a service that doesn’t rely on single specific entity for sync. As such there are, possibly, other reasons like support cost vs. revenue from “general” customers.
It looks to me like this is all heading towards a subscription model for using the software, first the data is stored in the cloud, next you need to subscribe to use it. I’m less worried about data security, and more about Igg continuing as a business and me being left without a mobile to Mac solution if they fail. No more software updates for me, unless iOS forces it 🙁
Great news to hear about this – can’t wait to get cloud sync.
Though I personally do not have serious reservations about putting my encrypted data on a cloud-based server, I simply must comment about Ian’s assertion that only 1% have concerns about cloud syncing. I would really like to know how IGG would know. Where have the forums gone? Why is it that iBank is the only software I use that lacks a vigorously-supported user forum where users can 1) Give and get help from fellow users and 2) Provide developers a source of information about user requests, and common issues people are facing? I have a lot of picky problems with iBank that I’m sure others have faced and mastered. Googling the problem I’m wondering about for any other software will lead me to a user’s forum in the top hits. For iBank questions, all the top hits involve IGG’s support articles, which frankly aren’t very detailed or informative.
Has there been any update on when Cloud Sync will be available?
I really hope that you leave the current option to wifi sync from the iPhone/iPad to my Mac. I have to be completely honest, I will not be using the cloud sync option. Even though its encrypted I do not want my data leaving my control. Please keep the wifi Sync option, if its abandoned I will have to find a new product or go back to using paper which I do not want to do.
Great solution Ian, I am very much looking forward to its release. I do not understand the concerns expressed in this blog. If users do not wish to use the new synch feature, it seems like they do not have to. The comments on WiFi synch assume that this method is more secure than cloud synch which I doubt because the bad guys can break into WiFi too. Also, isn’t it the case that if the iBank synch servers break or disappear, the only thing lost will be the synching, because the data will still reside on the user’s devices at least up to the last synch? Isn’t it a synch service and not a multi-user server model? I believe that financial data is in a different category from most computer applications because of two things – the need to accurately track historical data and the ability to export the data so that it is never locked in a proprietary form. IGG has addressed these better than anyone else. I successfully and easily imported my data from 1996 forward into iBank several years ago and can easily export it if I wish to change applications (unlikely). Finally, I am most concerned about redundant backups. Right now, the data exist on one computer in my home, on a local network server (Time Capsule) in my home, and on a hard disk that i transport to an external location about once/month. Ian’s new service would simplify this allowing the data to exist on several local devices and in a remote cloud too. Ian, will the iBank servers be redundant too, that is, mirror copies in two geographically separated locations?
Want to bet you lose more 1% of your customers when you force them to store their sensitive financial data on YOUR servers.
Billion dollar companies like Sony can’t even secure their own systems and you think IGG is up to the task? I don’t share your belief in your programming skills especially after watching bug ridden releases of IGG iOS apps.
Doing something your customers are telling you not to is a sure recipe for 1 or all of the 3-
1. Loss of business
2. Lawsuits
3. Competitors taking your market share through existing or new products
Not updating iBank for Mac is easy, but stopping an iOS update is harder. The moment wifi sync is gone so am I. And, if there are no data migration tools you may be looking at option 2 above.
I must add my agreement with the chorus that will not use a cloud-based service for financial information – no matter how secure the company providing it says it is. The repeated ability of hackers to infiltrate systems with far more IT resources than yours makes it clear that your proposition is unacceptable.
The one feature that led me to purchase iBank in the first place was the ability to secure and sync data across my devices without having to use any cloud services. I LIKE the control of having my mac as the central hub for my financial information. If this functionality is unavailable then I will not be using your software. I imagine there are many other users who aren’t following this blog who feel the same – why take away something we already have and very much like?
Also, as pointed out by Kashoggi, when IGG later decides to remove this functionality from its iOS apps, updating the existing app would be a problem. I hope this doesn’t happen, but if this functionality is in fact removed then there needs to be a different executable so that those who want to keep what we have don’t lose it..
To all the miss-trusters of IGG’s planned cloud security. Do you imagine your Mac’s security or your external drive security is so superior that no hacker will gain access?
And to all you unhappy statisticians using guesstimates instead of hard data to prove your opinion, check again this time next year and see who was right.
I’ve been having a lot of trouble using WiFi syncing and have nearly given up using my IOS devices for iBank data. Cloud syncing can’t get here soon enough!
@Rich
There is no one I trust with my data more than me. My hard drives are not accessible from the internet like IGG’s Cloud will. Yes, the encryption in FileVault is strong, and yes, the files not leaving my network is far safer than using any “Cloud” service. As we all know, there is no such thing as the cloud, only other people’s computers. I, for one, trust no cloud provider with sensitive information, with Dropbox, Apple, Target, and JP Morgan Chase being recent victims. These companies have budgets thousands of times larger than IGG. If Chase, a BANK, can get hacked, why on earth do you think IGG is to be trusted with sensitive data?
Further, I’m sorry to hear you have had Wi-Fi sync issues. I’ve had none. I have no problem with you using Cloud sync, I simply wish to be able to retain control of my data and sync via Wi-Fi. There is absolutely no reason that these both cannot be implemented. Just because you want one thing does not mean it must come at the expense of another.
Like SwamiSwami stated, The principal feature that led me to purchase iBank in the first place was the ability to secure and sync data across my devices without having to use any cloud services. I LIKE the control of having my mac as the central hub for my financial information. The fact that they are considering forcing me to use their personal servers is absolutely asinine.
If the Wi-Fi sync functionality is to be made unavailable then I will not be using iBank any longer. I imagine there are many other users who aren’t following this blog who feel the same – why take away something we already have and very much like, especially when it is at the expense of privacy and security?
I’m not worried about the potential for hacking. If someone gets my phone or my Mac and have 2 brain cells left, they are going to get my personal information, period.
As long as the file on the server is encrypted using local encryption, there is nothing more secure. If someone hacks the server, it would take millions of years to crack an AES 128 file with a strong password (i.e. not a dictionary word and more than 8 characters).
http://security.stackexchange.com/questions/31726/why-so-long-to-break-128-bit-encryption
Just one question though… iCloud Keychain and TouchID? That would make this really simple to use across all my devices and fit nicely into the Apple security I’ve standardized on.
Ian–and other IGG folk–thanks for the hard work in getting this sync solution ready to go! I appreciate your effort.
I have been using the sync from day one with NO problems whatsoever, thanks to Ian and the team for there hard work and making it free.
I spoke too soon, the server has gone down causing me to think that there was a problem with my Mac.
As iBank needs to connect to a server you would think that a message could inform the user of this problem, like when it checks for software update.
They need to get there finger out as its been two days now with no info from IGG about this down time.
I had recently noticed a great deal of latency [slowness] in sync times when I opened iBank on my Mac or especially on iPhone [when not in a Wi-Fi environment ] so I was not suprised that there were issues on the server.
I am suprised that IggSoftware has not provided more information to user that were forced [or were going to be forced]to migrate to iBank Cloud Sync.
It certainly gives reason to allow two sync solution to exist…I am on the Beta but would prefer so much to sysnc locally or WEBDAV.
Hi,
I agree with others on here that wifi syncing should be kept as an option in future updates and customers should be able to choose which sync option is best for them.
If local sync is removed in future versions it will be a real shame as I have always enjoyed using iBank on the Mac, iPad and iPhone since switching from Quicken several years ago. However, only being able to sync via the cloud is a deal breaker for me and I’ll need to find a new application to manage my financial records.
Please continue to support ‘legacy’ sync options.
Thank you
Like the cloud sync, I have no problem with it. I don’t have an issue if it does become a subscription service, as long as it doesn’t break the bank. The wifi sync didn’t work at all well for me.
As I read the cloud sync articles again – for what is to be sure the 5th or 6th time as well as all these comments…
I’m left with the impression that without an internet connection to the cloud server I’d be outta luck with respect to getting a data file open. Am I reading that correctly?
For example, it reads as, I launch iBank Mac OS X, then choose to open the file off the server. Is that correct? If so, it implies there’s no locally cached copy and if I my internet connection happens to be down I can’t access my data via Mac OS X. Is that understanding correct?
Essentially it reads as if I’m access the data through a VPN (in very general terms) where the data isn’t really local, it’s all on the server.
If that’s so — it seems like a horrible idea to try and use cloud sync. After all if my internet connection fails, I’m outta luck.
“Johnny Law”, warrants, and turning over of financial data stored with iGG via Cloud Sync.
I’ve re-read both privacy statements linked to on this page: http://www.iggsoftware.com/legal/
It clearly reads “We do not share your synced data with third parties under any circumstances.” Fair enough. However, how that policy extends to law enforcement doesn’t appear to be addressed from what I’ve read (I may have missed it – if so please advise)
Obviously, while law enforcement is clearly a third party, a valid search warrant is still that – a search warrant. In those circumstances:
1. Does iGG provide the data file stored via Cloud Sync?
2. If provided, is the file still encrypted with whatever level of password I choose?
Put another way – even if the data file is turned over under the warrant is it still encrypted and as such would either require my password or need to be cracked to gain access. Am I correct, again from reading the iGG policies, that the data protection I set (password) can’t be bypassed by anyone at iGG (with or without a search warrant)
Now – I’m not trying to sound like a conspiracy theorist nor am I paranoid about big brother or the like. I’m merely trying to understand the nature of how access to my data might be gained and how it might still be protected.
Clearly I could still choose to delete the data file on the iGG Cloud Sync server. That’s not at question. Rather what happens if I don’t delete it?
On my iOS device (e.g. phone) I have a degree of protection as I keep it locked and secured with TouchID – a warrant to search that iOS device is required. Same holds true for my computer. For context, Apple clearly makes a policy statement regarding warrants and government access here ( http://www.apple.com/privacy/government-information-requests/ ). Is something similar forth coming from iGG regarding Cloud Sync?
Again – not trying to throw stones. Rather trying to wrap my head around all the nuances and contingencies so I can make a mindful and informed decision.
Please add an option to be able to use cloud sync without direct access automatically update on the iPhone. I want to be able to enter transactions on my iPhone and have them sync, but only update my accounts weekly. I can do this on the Mac version, but not on the iPhone.
Does a use have to store data on the cloud, or can it be solely stored on a private hard drive?
I was faced this morning by the options of ‘1, Start fresh; 2. Open cloud doc (which is subscription based; and 3. import a previous version.
I paid full whack for bank 5, two years ago, why do I have to start (and never end) paying a subscription? Is it time to change to a competitive company?
If you come to our live chat they can probably help you. It sounds like Banktivity just didn’t find your last opened document. Also, our cloud sync is FREE, no subscription required.