Comments on: Online Banking Usability and The Dreaded Card Reader http://www.pickledshark.com/online-banking-usability-dreaded-card-reader/ Web Development, SEO and Internet Entrepreneurship Wed, 30 Nov 2011 20:54:52 +0000 hourly 1 http://wordpress.org/?v=3.1 By: Phil The Vegan http://www.pickledshark.com/online-banking-usability-dreaded-card-reader/comment-page-1/#comment-6056 Phil The Vegan Tue, 04 Oct 2011 21:30:36 +0000 http://www.pickledshark.com/?p=99#comment-6056 Great article, thanks. I too am very frustrated by banks' attitude to my money they borrow. In particular the card reader issue is such a pain, but I have also found that sometimes the telephone banking 'scripts' the operators use do not match the original secret questions, so you have to work out what they mean when they ask you a question and see which of your answers they are looking at. So secure? For example one bank always asks me for my 'memorable address', when the original question they set up for me was 'which town were you born in?' But back to the little device I am now expected to carry - the card reader. I agree with all your assessments and there are many other blogs on this subject. I don't want to carry another calculator-sized device because 99% of the time I won't use it, and I won't even have my debit card on me if I suddenly want to do some online banking. I have enough trouble remembering my wallet, my security pass for work, my house keys, my mobile phone and my inhaler. I refuse to carry a man-bag so I would have to fill another pocket which would affect the neat cut of my suit! Then that day once a year when I need to logon and create a transfer, i.e. when my daughter calls and asks me to transfer an emergency allowance because she can't pay her bills and is about to have the services cut off, I didn't bring the stupid little thing with me and I'm 1000 miles from home on business for a week. Or I did remember to pack it and as I try to logon and create a transfer, the battery has died in the machine. Banks need a backup for this situation. In the old days, I had my levels of userid, password, passcode, memorable address and unusual question memorised which means I can 'martini' my banking online (anytime anyplace anywhere). I was happy and would be again if I had to have another number to generate instead of getting a machine to tell me one. For example, could I add todays date to my pin number and take away the last 4 digits of my card number? My computer has a calculator on it if I feel a bit dense. How about clicking on a icon on the website to send a code to my mobile phone, if I have that. If not, then ask me some more security stuff. Yes let me opt out if I want to take a risk. Monitor unusual activity, send me a text message or email to say do you realise you just did this? Phone me to check it's ok. If people want a card reader let them have one but don't make us. Come on work with me. I have moved banks twice and am ready to go again. PTV Great article, thanks.
I too am very frustrated by banks’ attitude to my money they borrow. In particular the card reader issue is such a pain, but I have also found that sometimes the telephone banking ‘scripts’ the operators use do not match the original secret questions, so you have to work out what they mean when they ask you a question and see which of your answers they are looking at. So secure? For example one bank always asks me for my ‘memorable address’, when the original question they set up for me was ‘which town were you born in?’
But back to the little device I am now expected to carry – the card reader. I agree with all your assessments and there are many other blogs on this subject.
I don’t want to carry another calculator-sized device because 99% of the time I won’t use it, and I won’t even have my debit card on me if I suddenly want to do some online banking. I have enough trouble remembering my wallet, my security pass for work, my house keys, my mobile phone and my inhaler. I refuse to carry a man-bag so I would have to fill another pocket which would affect the neat cut of my suit!
Then that day once a year when I need to logon and create a transfer, i.e. when my daughter calls and asks me to transfer an emergency allowance because she can’t pay her bills and is about to have the services cut off, I didn’t bring the stupid little thing with me and I’m 1000 miles from home on business for a week. Or I did remember to pack it and as I try to logon and create a transfer, the battery has died in the machine. Banks need a backup for this situation.
In the old days, I had my levels of userid, password, passcode, memorable address and unusual question memorised which means I can ‘martini’ my banking online (anytime anyplace anywhere).
I was happy and would be again if I had to have another number to generate instead of getting a machine to tell me one.
For example, could I add todays date to my pin number and take away the last 4 digits of my card number? My computer has a calculator on it if I feel a bit dense.
How about clicking on a icon on the website to send a code to my mobile phone, if I have that.
If not, then ask me some more security stuff.
Yes let me opt out if I want to take a risk.
Monitor unusual activity, send me a text message or email to say do you realise you just did this?
Phone me to check it’s ok.
If people want a card reader let them have one but don’t make us.
Come on work with me. I have moved banks twice and am ready to go again.
PTV

]]> By: Ivey http://www.pickledshark.com/online-banking-usability-dreaded-card-reader/comment-page-1/#comment-2613 Ivey Wed, 01 Dec 2010 17:35:30 +0000 http://www.pickledshark.com/?p=99#comment-2613 Great post! This seems to me to be a classic case of forgetting to put your users first. The bank is the one that has promised to protect my assets, they are the one responsible and thus they are using this method to cover their butts. Banks know that the customer comes first and then when it comes to designing these technologies and spending loads of money, they revert back to the company coming first. Great post! This seems to me to be a classic case of forgetting to put your users first. The bank is the one that has promised to protect my assets, they are the one responsible and thus they are using this method to cover their butts.

Banks know that the customer comes first and then when it comes to designing these technologies and spending loads of money, they revert back to the company coming first.

]]> By: Dan Mullineux http://www.pickledshark.com/online-banking-usability-dreaded-card-reader/comment-page-1/#comment-1902 Dan Mullineux Thu, 11 Mar 2010 15:46:24 +0000 http://www.pickledshark.com/?p=99#comment-1902 Hi Carey. I'm Dan Mullineux founder of wehuhu.co.uk - great article and very much on the same wavelength with our thinking, and as far as I can tell similar to a lot of what LoveMoney is trying to do. You said you are not that security conscious but at least you are security aware. It is amazing how many people are really just not aware of the basics of online security. Actually it’s not that amazing, it’s quite understandable given the complexity of the problem. I think one of the biggest differences between our approach and LoveMoney (and probably moneydashboard) is around the security model. You mention trusted machines.. “Trusted machines – link my laptop or desktop to the website, meaning I only have to jump through a hoop once” The other services use a third party called Yodlee to get their bank data. The benefit of this is that you don’t have to jump through any hoops The down side is that you have to hand over all the answers to all of your bank security questions which are then stored on central servers under the control of Yodlee – so in effect your ‘Trusted machines’ are anonymous servers out in the internet . Yodlee then actually logs in to your bank’s web site for you and processes the web pages to gather balance and transaction data Whether this is as insecure as it appears for an individual is not a simple matter, but it does require that you put a lot of trust in Yodlee. Yodlee do make as many promises as you would expect, that they are as secure as the banks themselves, but that’s still a lot of trust. We just don’t feel comfortable with giving away all our credentials to a third party company, and so have taken the trusted machine approach, where you still have to log into your bank yourself. Weve made things a bit easier with a firefox plugin, but it’s one more hoop to jump through. Dan. Hi Carey.

I’m Dan Mullineux founder of wehuhu.co.uk – great article and very much on the same wavelength with our thinking, and as far as I can tell similar to a lot of what LoveMoney is trying to do.

You said you are not that security conscious but at least you are security aware. It is amazing how many people are really just not aware of the basics of online security. Actually it’s not that amazing, it’s quite understandable given the complexity of the problem.

I think one of the biggest differences between our approach and LoveMoney (and probably moneydashboard) is around the security model.

You mention trusted machines..

“Trusted machines – link my laptop or desktop to the website, meaning I only have to jump through a hoop once”

The other services use a third party called Yodlee to get their bank data.

The benefit of this is that you don’t have to jump through any hoops

The down side is that you have to hand over all the answers to all of your bank security questions which are then stored on central servers under the control of Yodlee – so in effect your ‘Trusted machines’ are anonymous servers out in the internet .

Yodlee then actually logs in to your bank’s web site for you and processes the web pages to gather balance and transaction data

Whether this is as insecure as it appears for an individual is not a simple matter, but it does require that you put a lot of trust in Yodlee. Yodlee do make as many promises as you would expect, that they are as secure as the banks themselves, but that’s still a lot of trust.

We just don’t feel comfortable with giving away all our credentials to a third party company, and so have taken the trusted machine approach, where you still have to log into your bank yourself. Weve made things a bit easier with a firefox plugin, but it’s one more hoop to jump through.

Dan.

]]> By: Carey http://www.pickledshark.com/online-banking-usability-dreaded-card-reader/comment-page-1/#comment-1722 Carey Tue, 23 Feb 2010 10:02:10 +0000 http://www.pickledshark.com/?p=99#comment-1722 Thank you for the contribution Emma! Love Money looked the best bet to me but I haven't had chance to try any out yet. I will be reviewing them and starting to use one of them soon. There will be a full review post on this blog so stay tuned! I will also no doubt have many requests and suggestions :) Thank you for the contribution Emma! Love Money looked the best bet to me but I haven’t had chance to try any out yet.

I will be reviewing them and starting to use one of them soon. There will be a full review post on this blog so stay tuned! I will also no doubt have many requests and suggestions :)

]]> By: Emma Davies http://www.pickledshark.com/online-banking-usability-dreaded-card-reader/comment-page-1/#comment-1712 Emma Davies Mon, 22 Feb 2010 13:39:16 +0000 http://www.pickledshark.com/?p=99#comment-1712 Hi there - I'm from lovemoney.com and thought your post was really interesting. You certainly do describe an ideal vision on how people should be able to manage their money utilising technology. We've had a fair few issues with card readers in the process of building our online banking service. We recently fixed some of the issues as we announced in our blog recently: http://bit.ly/9xiAxc It would be great to get your opinion on our online banking service and ability to use pin sentry, as you're clearly someone who gets the whole value of a service like this. In terms of the UK market - there are a few players as you mention - but thought I'd just add a few comments to update your information: lovemoney.com - UK only - we're a new UK company launched in April 2009, with online banking launching in December last year. We're still in early days - but are receiving some great feedback and improving our service with releases every two weeks - as you can see from our regularly updated blog. http://bit.ly/9xiAxc moneydashboard - still in BETA - with no known launch date – agree with your summation kublax - the oldest of the bunch - but face closure due to lack of funding - may be being rescued at the last minute - but we are still to see. http://tcrn.ch/dra2CX Wehuhu - a small player where you can upload your info or add info - but no way to automate banking feeds - but its still early days. Hi there – I’m from lovemoney.com and thought your post was really interesting. You certainly do describe an ideal vision on how people should be able to manage their money utilising technology.

We’ve had a fair few issues with card readers in the process of building our online banking service. We recently fixed some of the issues as we announced in our blog recently: http://bit.ly/9xiAxc

It would be great to get your opinion on our online banking service and ability to use pin sentry, as you’re clearly someone who gets the whole value of a service like this.

In terms of the UK market – there are a few players as you mention – but thought I’d just add a few comments to update your information:

lovemoney.com – UK only – we’re a new UK company launched in April 2009, with online banking launching in December last year. We’re still in early days – but are receiving some great feedback and improving our service with releases every two weeks – as you can see from our regularly updated blog. http://bit.ly/9xiAxc

moneydashboard – still in BETA – with no known launch date – agree with your summation

kublax – the oldest of the bunch – but face closure due to lack of funding – may be being rescued at the last minute – but we are still to see. http://tcrn.ch/dra2CX

Wehuhu – a small player where you can upload your info or add info – but no way to automate banking feeds – but its still early days.

]]>