I can't help but ask: As a security conscious person, how can you justify creating the service? You'll have the data and access of everything your customer does online, which for your target audience is everything your customer does on a computer. For the individual customer this is worse than Google, Facebook, Twitter combined. Also, you'll have an effective backdoor into every two-factor authentication, be it online banking, valuable Twitter accounts or AWS admins. There are massive monetary and political incentives to hack or infiltrate your service. Given your scale, you can't have comparable security measures to the big players. And given your location (US) you'll eventually receive national security letters forcing you to secretly sip off anything secret services or law enforcement wants you to.