Hacker News new | past | comments | ask | show | jobs | submit login

Well, the fact that banks traditionally allow reverting fraudulent transactions is becoming more and more of a unique selling point.

So it would seem obvious that they want customers to give out their passwords so they become victims of fraud, only to then learn that the bank has excellent fraud protection (contrary to let's say cryptocurrencies).

That is pure speculation of course. Hanlon's Razor would suggest "banks are too stupid to implement good auth", which, having worked both outside and inside the banking industry, I would strongly agree with.




In France banks have pretty good auth and also they are obligated by law to provide API, so that you can have third parties app without ever giving your credentials.

Edit: if anyone is interested it looks like it’s an EU directive https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A...


Banks allow reverting fraudulent transactions because it is required by law. In the US at least.


> Well, the fact that banks traditionally allow reverting fraudulent transactions is becoming more and more of a unique selling point.

Playing fast and loose with security because the bank will be on the hook (at financial cost to the bank) does not seem like a moral or ethical thing to do, and banks would be likely to pull transaction reversion from anyone who tried to use it as a feature.


On the contrary, the fact that services like Plaid are able to exist, indicates otherwise. If banks had a problem with the implementation, they would send cease and desists.


In the UK at least, there's often a liability shift if you do end up using a service such as Plaid.

Banks won't cover you for fraud that ends up happening because of you handing your online banking password to someone and rightly so.

When they do cover you, it'll be because they have a professional relationship with Plaid and/or they rely on other auth methods such as EMV CAP.




Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: