I just attempted to open a Paxum account, to try them out. The experience was extremely difficult, and at the end I called Paxum and had them walk me through the process of closing the account. I did not feel safe using it.
Here's what I noticed in the process;
1) Paxum's automated emails use HTML, but have incorrect MIME settings. This means that they are displayed by Thunderbird and the other email clients that I tested as plain text. *That* means that you have to search through a bunch of HTML codes to find the information that you need to confirm your account, etc.
2) Paxum uses attached PDF files to send certain types of critical information, but because of the broken MIME settings, the attachments cannot be viewed or detached in normal email clients. They must be handled by hand, by saving the email as text and then using a utility to demime them. Most users are not up to figuring this out.
3) Paxum's web site is extremely picky about the format of information that it accepts in fields when you are signing up, but does not tell you in advance which symbols are disallowed. Among the issues: periods (.) are not allowed in street addresses, but you find that out only when you include one and get an error back.
4) Paxum will not accept a scanned image above 4 MB in size for identity verification, but states that images must be "high quality" and rejects faxed images. It took me several tries to come up with an image that was of a size it would accept and also a quality it would accept. This is *really* annoying.
I could continue, but frankly, the email and web site tell me that the people managing Paxum's servers are not very good at what they are doing. I work in networking security, manage a mail server, have managed web sites since the mid-1990s, and am intimately familiar with what it takes to run a secure site. My assessment of Paxum's setup is that their technical people do not appear to be experienced enough to be trusted running a site that requests and holds information that will allow identity theft. I didn't run a vulnerability scan on the site, but would not be at all surprised to find cross-site scripts and other vulnerabilities that can be used to steal information.
I recommend not using Paxum. They probably mean well, and after they get their act together on their technical services might be worth using. For now, though, giving them the information that they request to manage your money is IMHO taking an unnecessary and unwise risk.
