
Ask HN: Why do banking websites break the web and are generally crappy? - thinkloop
This probably doesn&#x27;t apply to all banks, but it does apply to all <i>my</i> financial institutions:<p>- browser back&#x2F;forward doesn&#x27;t work<p>- can&#x27;t ctrl+click to open a link in a new tab<p>- logging out often gets stuck in a refresh loop forcing a hard reload<p>- generally required to hard reload at different random times<p>- session timeouts, auto-logout, etc. never work well<p>It feels like how things ran in ActiveX in the 2000s. Clearly they are doing this is the name of security, but many modern websites care as much about security (i.e. google).<p>What is it about banking that seems to force them down this route?
======
throwAwayCity
I assume a bank would say a great banking application is good enough to
prevent users from leaving for other banks, i haven't encountered a US bank
site that bad (i do sometimes have to disable Adblocker to use bank sites).

I assume a bank would say a great banking application deters the user from
calling the bank to talk to someone (bank doesn't want to pay money to staff
someone to talk on the phone).

I think banks had to race each other to get online 15 years ago to serve
millions of users which explains why a lot of their products feel outdated. If
its not broken don't fix it mentality. I assume reeducating users on a new
bank site design could force banks to forgo interest/penality payments and
things like that.

Considering banks are involved, people are constantly trying to break in, so
security is definitely priority over usability.

In the US at least, mobile apps are already used more than desktop apps, so i
assume investment will continue to pour more into mobile apps while desktop
users will be stuck with more outdated technologies.

------
forgotmypw
I think it's a combination of several factors. One is that few people join or
leave a bank because of their website. It's usually encountered already after
you've deposited your money and it's going to be very inconvenient to leave
them.

Another factor is that they typically have a big pile of money budgeted to
develop it, which means hiring large teams, which means finding work for many
people, which means building a very large complicated website to have
something to show for it in the end.

This is where design-by-committee comes into play, which is a third factor,
and where all those asinine rules come to play. And don't forget, they are
already under the authority of all the regulatory committees, with a committee
deciding exactly how to follow another committee's rules.

~~~
thinkloop
Why does having a big budget or committees make you break back/forward buttons
or disallow opening a page in a new tab? In what ways do these even
potentially break security?

~~~
new_guy
The obvious answer would be caching, if your balance is accessible by (anyone)
pressing the back button on your browser it wouldn't be good. Still no excuse
for the overall bad design though.

~~~
gtsteve
I guess they might also have a system that detects if the browsing pattern is
unusual, i.e. someone has rooted your machine and has stolen your login cookie
and is browsing at the same time as you on their own browser. If you break the
back/forward buttons then you can find impossible browsing patterns that could
indicate this.

source: total conjecture, I know nothing about these apps.

------
duxup
I have some visibility to a small bank (quite a few branches over a large area
but not a mega bank)... and basically they hire a company to manage their
individual online banking. They're not provided a lot of options outside of
branding and such. Having said that they're secure and that is what matters to
them the most.

I have mixed feelings about your description of them though. I've found most
of my US online banking to be "adequate". I don't feel like the what you
describe is really the worst of what we see as far as "break the web" goes.

------
thiago_fm
Your bank just sucks, not all of them are like this: n26 for example got a
good application and is now in the US and is big in Europe.

Nubank as well(Latin america).

There are other competitors in that space.

On my home country(I now live in Europe ;-) ), Brazil, there are so many banks
that have amazing apps, customer service and are completely free, with an
overall modern banking system, that I wonder if North America didn't really
manage to get in the XXI century :-).

It's also kind of cheap to build the software to run a digital bank, possibly
much more cheaper than the banking license itself.

------
Trias11
I worked at large bank who decided to give up solid, predictable and reliable
html/aspx pages in favor of silly one-pager framework "to improve user
experience".

This of course to be accomplished by an army of hit-n-run offshore
consultants.

Issues predictably ensued multiplied by losses from users who couldn't
tolerate this nonsense and switched their trading and banking activities in
favor of competitors.

I raised this question few times but what scolded by mid-management in fear of
being put on a spot for bad business decision.

Yet it still keeps happening.

------
byoung2
If you have to divide your budget between UX and security, a bank focuses on
security. Your favorite startup focuses on UX.

~~~
muzani
How much budget do you really need for security though? Banks aren't exactly
short on money.

~~~
byoung2
Imagine 2 identically sized dev teams...one is a bank, and another is a hot
startup like Instagram or AirBnB. During sprint planning, the bank team would
likely focus on infrastructure and security tickets. The startup would focus
on consumer facing features. A bank's website is not as important a deciding
factor as interest rates, number of ATMs, fees, etc.

------
imvetri
It's business application. Not a entertainment site

