Hacker News new | past | comments | ask | show | jobs | submit login

Most manual processes, I agree, automate away. But not the ones that have negative implications for security. I don't care whether it's the TOS or some other means that's used to prevent pw sharing, but it should be prevented. It is the bank's duty to protect its users, not to tolerate services that actively discourage safe practices like 2fa.

In the EU, we're getting DSP2 [0] which requires banks to publish usable APIs to: get account information, and initiate money transfers. That's huge, though only at a baby stage for the moment.

[0] https://ec.europa.eu/commission/presscorner/detail/en/IP_15_...

This is a sham. You need to go through a certification process which costs $$$ before you can get access to those APIs even if the banking data is processed locally, which will only empower the incumbents while locking out open-source solutions and indie developers (remember that a lot of tools & products we use started as someone's side-project; this regulation locks those out by default).

At least with credential sharing & screen-scraping nobody can lock you out. Does it suck? Yeah. But I'd rather take a solution that sucks than no solution at all.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact