“Design Mint” is a fintech-flavored mobile system design prompt that combines bank-data aggregation, transaction categorization, budgeting UX, and the strict security and compliance reality of consumer financial apps. Mint, Copilot Money, Monarch, Rocket Money, and YNAB are the modern references after Intuit shut down Mint in 2024.
Clarify scope
- Bank account aggregation (Plaid) or manual entry?
- Investment accounts in scope?
- Bill-pay or read-only?
- Subscriptions tracking?
- US-only or international?
Account aggregation via Plaid
- User links their bank via Plaid Link (a hosted flow inside the app)
- Plaid returns access token; app stores in OS keychain
- App calls Plaid API to fetch transactions, balances, identity
- Server-side worker pulls daily; client triggers on-demand for fresh data
- Reconnection flow when Plaid loses connection (common; banks rotate auth)
Transaction data model
{
id, accountId,
amount, currency,
date, postedDate,
merchant, mcc,
rawDescription,
category, subcategory,
recurringId?,
userTags: [string],
hidden: boolean
}Categorization
The hardest correctness problem:
- Default rules from MCC + merchant name
- ML model refines (BERT-fine-tuned on transaction descriptions)
- User overrides remembered for that merchant
- Per-user rules: “All transactions at X go to category Y”
- Recurring detection: same merchant + similar amount + monthly cadence → flag as subscription
Budget UX
- Per-category monthly budget
- Progress bar vs spent
- Predict end-of-month spend based on burn rate
- Alert when 80% of budget reached
- Roll over unused budget (envelope-style, optional)
Net worth tracking
- Sum of asset accounts minus liability accounts
- Daily snapshot persisted
- Trend chart over weeks/months/years
- Investment accounts updated on market days
Subscriptions tracking
Subscriptions are a high-value feature:
- ML detects recurring charges (monthly Netflix, weekly grocery)
- Lists: Active, Paused, Cancelled
- Estimated next charge date
- “Cancel” CTA — usually a deep link or instructions; some apps offer concierge service
Notifications
- Large transaction alerts (over user-set threshold)
- Low-balance alerts
- Bill-due reminders
- Suspicious activity
- Weekly summary push
- Per-category opt-out
Security
- Biometric / PIN gate at app launch
- No PII in app database without encryption
- Plaid access tokens in OS keychain
- SOC 2, GLBA, state privacy laws (CCPA, etc.)
- Transmit only over TLS; certificate pinning recommended
- Logout-on-suspension if device jailbreak detected
Server-side architecture
- Data warehouse for aggregated transactions
- ML categorization runs server-side; results pushed to clients
- Plaid webhook handlers update transactions as they post
- Per-user encryption keys for sensitive data
Offline behavior
- Show cached transactions and budgets
- “Last synced X minutes ago” indicator
- Most actions still work; sync queues on reconnect
Investment account specifics
- Holdings vs cash split
- Daily price updates
- Asset allocation breakdown
- Performance over time (TWR vs IRR)
- Often via Plaid Investment product or direct broker integration
Crypto wallets (optional)
- Public-address watching for read-only tracking
- No private keys in app (different from a wallet — see crypto-wallet design)
- Price feed for valuation
Compliance considerations
- GLBA (Gramm-Leach-Bliley) for financial privacy
- CCPA / state privacy laws
- EU PSD2 if international
- App store data-collection disclosure (Apple privacy nutrition labels)
- SOC 2 Type II for B2B distribution
Monetization
- Subscription (Copilot, Monarch model — $5–$15/month)
- Free with affiliate offers (Rocket Money, NerdWallet model)
- Premium features behind paywall (advanced budgeting, multi-account)
What separates senior from staff
Senior candidates draw the Plaid integration and transaction model. Staff candidates discuss the categorization ML pipeline, recurring detection, and security primitives. Principal candidates address the data warehouse architecture, the GLBA / state-privacy compliance posture, and the international expansion (Open Banking in EU).
Frequently Asked Questions
Why did Mint shut down?
Intuit’s strategic decision in 2024 — moved users to Credit Karma. The core architecture is well-understood; modern alternatives use the same shape with better polish.
Should I store financial data locally?
Cache for performance; canonical state on the server. Local storage encrypted; access tokens in keychain. Never store plaintext financial data outside encrypted stores.
How do I handle Plaid disconnections?
Webhook on connection loss; surface a “Reconnect X bank” prompt; track last-successful-sync per account. Some banks rotate credentials weekly; be ready for noise.