Ultrinsic is a website that allows college students to put a wager on their grades in a course or a semester to provide motivation for performing well academically. The student chooses a target grade and how much of an incentive they want. They then complete the semester and if they met the goal, they’ll win their payout. There’s nothing wrong with the concept (gambling aside) but the problem stems from how they verify if you got the grade you were aiming for and some colleges are warning against the site.
Ultrinsic accepts undergraduate students’ wagers from over 35 colleges and universities. The site describes itself as:
Ultrinsic is a web-based college platform that provides incentives to students for academic achievement. Ultrinsic exclusively dedicates itself to motivating students to improve their grades.
To verify your grades with Ultrinsic at the end of a semester, you can either send them an official transcript or provide your login and password to your school’s electronic system. Providing an official transcript is the better way to go, security-wise but there are often charges ($8 from my alma mater) that would eat into your profit.
The other option of providing your login details, though not required, is the one that moves colleges to the edge of their seats. The Ultrinsic Terms of Service state:
Access to School Account. By providing Ultrinsic with your username and password for your online school account, you authorize Ultrinsic to access the account and to view and record any information in your account.
Any information in your account could include grades, GPA, address, contact details, and even bank account information for paying your bills. This information would be considered FERPA data and it is the student’s right to share it with whom they desire but sharing your account login details may violate the university or college Appropriate Use Policy, which might read like this:
Responsibility to Maintain Privacy of Passwords – Passwords associated with an individual’s ULID, or other University identifier, should not be shared without authorization. Compromised passwords may affect not only the individual, but also other ISU Information Technology Resources and Systems users.
Illinois State University is one such university warning against registering with Ultrinsic. They recommend that students whom have setup an account with Ultrinsic change their password and security question immediately and not provide the new information.
Another concern with providing those details to Ultrinsic reaches beyond the site. Even if you trust the site to not do anything malicious, its database containing those details is becoming a bigger and juicier target with each new registration. If the database is compromised, your login credentials would be available, not just the hashes that a normal (good) website would be storing.
Like all password-protected accounts, you should be very selective with what and whom you share those details. It would be painfully ironic to find yourself kicked out of college for breaking the Appropriate Use Policy when you were just trying to find a little extra motivation to get that A.