dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
13
share rss forum feed


DC DSL
There's a reason I'm Command.
Premium
join:2000-07-30
Washington, DC
kudos:2

1 recommendation

reply to rchandra

Re: [NY] Bank suggestions in the Buffalo area

Seriously, you need to get over your paranoia of javascript or popups on bank websites. If you entered the address yourself and you have your system fully updated, properly configured and secured to avoid DNS hijack/poisoning exploits and an active/auto-updating av there is no greater risk than visiting here.

The greatest threat to bank account security is from customer service provided by third-parties, especially off-shores. Customers should insist on doing business with banks that provide CS using only their own employees in call centers owned and operated by the bank, and that own and operate the data centers where their customer account information is stored and processed.

And, people should not harp on being refunded "foreign" ATM fees. That money comes from somewhere, namely other fees customers are charged or lowered interest rates on deposits or higher interest on lending. Instead, people need to pick banks based on their usage needs: If that institution doesn't have ATMs convenient to where one will make more of their withdrawals (and customers aren't savvy, able or willing to take advantage of free cash-back on POS debit-card purchases at places like supermarkets over hitting an ATM), then that bank probably isn't a good deal.

There is no free lunch when it comes to banks and one way or another they will get their pound of flesh from customers. People need to learn how to examine their usage and needs and narrow-down banks based on those criteria, not what browser tech they support or what all they offer for free.
--
"Dance like the photo isn't being tagged; love like you've never been unfriended; and tweet like nobody is following."


rchandra
Stargate Universe fan
Premium
join:2000-11-09
14225-2105
Re: JavaScript

That's a matter of personal opinion; I happen to disagree with you quite a lot. It's not paranoia, few people trust just anyone to do arbitrary things with their computers, so things like NoScript are quite warranted. There is a certain amount of sandboxing for some protection, but for the rest I would say much of what the authors are trying to do with their pages I don't want anyway.

As one small example, putting up slide shows assumes everyone has a certain minimum rate of comprehension. Guess what? I can't keep up with many of them. Not only that, they're cute for the first two or three visits, but after that, they're a cumulative waste of my time and electricity (especially if there are effects, like slide, fade, pixelate, etc.), and are distracting. It's mostly "look what I can do, maw" and serves very little purpose.

Re: popups

If you can't grasp the idea that for a long, long time there has been a UA history, where one can either click on forward/back buttons or use keystrokes as the case may be, and that this is actually useful, I can't help you. Also if you don't realize that most (all?) graphical browsers these days have tabbed browsing (thus grouping related pages together), similarly I can't help you. Both JavaScript and popups break that forward/back model, and almost always I don't like it in the least. Once you (the Web page author) have decided you must use window.open(), you've immediately stripped my ability to open the next page of content in a new tab (at least conveniently).

The same thing applies for these horrid widgets which try to simulate windows by using z-index and opacity tricks. At least if you're going to violate the history/forward/back paradigm, with an honest-to-goodness window, I can reposition it with my window manager where I want it instead of where the page author thought it should be. IMHO, all page authors are trying to do with these is get around popup blockers. Another hint: popup blockers were created for a reason: lots of people don't like popups! If they liked popups , popup blockers wouldn't exist!

In short, it's all about (often pointless) control that the page author wishes to exert on my experience. Given competition, I should just go elsewhere.

Re: outsourced service

People are people; there are good ones and bad ones. I was pretty sure someone's identity and financial security is just as compromised whether a bank employee compromises it or a subcontractor's employee compromises it.

Re: no free lunch

Of course, that's true for all of them. I agree, they're going to get the money they want no matter what. All you have to do is look to the BoA announcement after Dodd-Frank w/r/t debit card fees. The difference is in each institution's business model (meaning what percent profit they're seeking) and the stated policies. What will differentiate one from another is what my stated costs will be. If I have access to my money without additional explicit fees, all the better. In the FNFG/Ally/Evans cases, whatever they have chosen to do in their business model is simply their cost of doing business instead of an extra charge. Yes, when I need cash I can for example use the additional cash option at Aldi Foods, but there have been times when, for whatever timing/scheduling reasons, I want to make a withdrawl when stores aren't open...enter the ATM, which basically has nonspecific, brief "closed" times when the machine is being serviced. And for me, paying $2 or something like that for the $20 I want right then is excessive (would often likely be less withdrawn, if it weren't for minimums).

So, in conclusion....

Given that there are many, many financial institutions from which to choose, and they don't all use the same Internet backends, there should be nothing wrong with choosing one that has the KISS UI I want and the fee structure I want. And instead of spending literally months or years trying them all out, I thought I'd ask the users here what they thought of the institutions with which they do business, and provide information on what they're like to shorten and simplify my selection process.
--
English is a difficult enough language to interpret correctly when its rules are followed, let alone when a writer chooses not to follow those rules.

Jeopardy! replies and randomcaps REALLY suck!


DC DSL
There's a reason I'm Command.
Premium
join:2000-07-30
Washington, DC
kudos:2

1 recommendation

As a long-time developer (40 years as a respected name in the industry with many of them working with financial services clients), I can tell you that the reason javascript is widespread is that END USERS insist upon the functionality. It is not solely the work of sadistic or ignorant developers. When I do usability studies and focus groups for clients, 99% of the "man off the street" types demand highly-interactive UIs that work exactly the same as a local desktop. They do not want to wade through browser history (most don't even know that it even exists). And, it just is too much as time goes on to expect a customer to have the smarts to figure out where they are in completing a form if they forced to deal with page-at-a-time or overly-long "Wizard" style forms. That creates all sorts of headaches for preventing incompletes, duplicates, or outright walk-aways. Sorry, but you are absolutely in the minority about that. If you want it different, then make it a requirement that other people must pass a "smart enough to use a computer" test.

As for Flash or other graphic-animation-based UIs that auto-play when you land on, I detest those and won't let my clients use them unless the user expressly selects that version or the content being presented actually belongs in that format, such as video. You can always tell when an amateur or graphics designer designed the UI by being forced into Flash or Silverlight by default. Those sites are also the absolute worst when it comes to data security.

Different browsers handle multiple open requests as they see fit. window.open is not the biggest pain: When I can use that or just write an anchor tab that will open exactly the same in every browser, you let me know. In IE, if I leave it to the user's browser, it may open in a new window OR in a new tab. Firefox and Chrome inconsistently do as they please. Safari on a desktop opens in a new tab *sometimes* but not others no matter how nice you ask; on iOS it *usually* starts a new tab but not guaranteed. I stopped supporting Opera ages ago because it's just a POS...you visit one of my clients sites with Opera you are warned what you see is what you get and if you can't use it then get one of the other browsers.

Outsourcing sensitive data like bank accounts or healthcare information is a really, really bad idea. No matter how stringent the contract terms are, ultimately the "owning" entity has no control over what the contractor or its employees do. At least half the bank data breaches in the last decade were pinned to offshore (mostly India) call centers where employees were openly taking liberties with account data. Greater than 80% of those incidents were due to the contracted outsourcer not giving a hoot about what the contract or applicable laws required of them. Way back when, if there was an incident involving misuse of data (yes, fraud didn't start with the Internet), a company could almost always identify exactly who it was. Data access was tightly controlled, and there was no way to directly touch the master records from the outside: Bogus transactions were easy to detect because what we used as "middleware" in those days was bulletproof when it came to exception handling. I can't tell you how much blow-back I get from programmers, even management, at clients (especially the supposedly agile ones) these days when I introduce them to Best Practices for safeguarding data.

If you want the convenience of "out of band" cash withdrawals, then you just have to suck it up and either pay hard cash for that convenience or deal with the inconvenience/limitations of a bank that refunds the fees. Same for those who cry bloody murder about overdraft fees: If someone can't or won't be responsible about keeping track of their account usage, then too frickin bad if a $0.50 candy jones costs $39.50 and then the mortgage payment bounces on top of it (with another $39 overdraft charge). In this day and age there are very, very few people who can claim ignorance about checking their bank balance to know what's in there, or bothering to find out what fees are ahead of time.

As for KISS, you are pretty much SOL finding ANY of the first- or second-tier financial institutions that have online banking services that don't require the use of javascript and cookies at some point in their UI. All of the banking apps on iOS or Android *REQUIRE* javascript (most also require Java), so there is absolutely no escaping it if you happen to want to use those.
--
"Dance like the photo isn't being tagged; love like you've never been unfriended; and tweet like nobody is following."


rchandra
Stargate Universe fan
Premium
join:2000-11-09
14225-2105

1 edit
First and foremost, thank you for an engaging discussion/debate.

Re: licensing computer users: we can dare to dream, can't we?

I am thoroughly aware I'm in the minority. It doesn't totally preclude there might be some businesses out there which decided to KISS. Again, I can dare to dream, eh?

You'd think that the different behaviors in different browsers for all sorts of bells and whistles would be a factor to favor KISS. Oh, the irony. In any case, I'd hope that most page writers would simply stick to standards...and as much as possible don't lay the page out to the pixel (use things like % instead). You'd also hope that those involved would be willing to have additional business due to being accommodating to the visually impaired (such as zooming the page works reasonably well). In any case, admittedly this is from someone who knows a smattering of CSS and doesn't do it professionally.

Re: Opera: I generally get along fine with it. Don't quite know why you'd declare it a PoS. Maybe I'm just drinking Kool-Aid, but I thought I had read someplace it's one of the most standards-compliant browsers out there. As you say though, if things ever get hairey in Opera, I generally just turn to FF; no problems, no worries.

Of course international operations are more difficult all around. Extradition is a bitch in particular. It still doesn't preclude there are quite a number of Americans who can ruin the integrity of my data just the same whether they work for the bank or not.

Actually, that's exactly the thing: there seem to be enough people who can't seem to add, subtract, and/or coordinate properly (and get dinged with overdraft fees) to subsidize my want for off hours cash access. Me, I did it twice in 25 yrs., and one of those two wasn't really my fault (and my bank decided to credit it back to me). Unless I'm misunderstanding the FNFG terms for ATM fee refunds, I don't have a problem with it (though as stated, not really contemplating being there too much longer).

Didn't say anything about not requiring cookies, just comply with best common practice of same origin. FNFG are really the only folx in like 5 years with whom I've had such cookie problems. It still doesn't excuse them for not giving some clear indications of one, needing JavaScript, or two, specifically what the issue is instead of just a generic "we encountered an error." Nor am I arguing for excluding such generic error messages; just, for those like us who would understand what "required cookie missing" or "invalid cookie" might mean, include that too. I would think those handful of words IN ADDITION TO the generic "we can't help you right now" should not be problematic. Besides...the message I saw was bogus anyway; it was saying that I should retry later. Now that I have more of a handle on what the issue was, I now understand that unless they made a backend change, it wouldn't matter how many times I retried or when, it was never going to work.

I mean seriously, it sounds like you would very well know how easy it is to have something like <div id="TellTheSchmuckToEnableJS"> Having JavaScript enabled is ESSENTIAL to this site's function</div> with JS changing the display or visibility. Matter of fact, Key does do this on some of their pages (think it was the login page I was trying).

As for tier 1 or 2, I don't necessarily care if it's 1 or 2. With for example a well established FCU like WD, I wouldn't think it'd be a problem. WDFCU has been around since at least 1996, and I wouldn't think they'd still be in business if they were screwing people or had (major) security/site problems. I'm going to guess they wouldn't be even T2. And I don't need a total lack of JS, just don't use it for every last thing on the page.
--
English is a difficult enough language to interpret correctly when its rules are followed, let alone when a writer chooses not to follow those rules.

Jeopardy! replies and randomcaps REALLY suck!