New name check service for online payments to help prevent fraud - MSE News

pafpcg

masonic wrote: »

It wouldn't surprise me if more banks add this feature after these changes are introduced. It is very easy to implement payee nicknames (much easier than this payee verification feature) and there will certainly be demand for it.

I agree (except implementation won't be "very easy"! Any change to a banking user front-end is fraught with difficulty and adding nicknames to payees would involve adding data-elements to the data-base underlying the front-end, so for any bank not already planning such a feature, the lead time will be measured in years.) But I'm all in favour.

masonic

pafpcg wrote: »

I agree (except implementation won't be "very easy"! Any change to a banking user front-end is fraught with difficulty and adding nicknames to payees would involve adding data-elements to the data-base underlying the front-end, so for any bank not already planning such a feature, the lead time will be measured in years.) But I'm all in favour.

For the back end, it's a simple column insertion in the table containing the payee information, with a default set to the account name. Or a new table if that's too hard. The front end will be the addition of an element to a web form, and some additional elements in the display of the information, and for the controller a few tweaks to the database queries.

Two step authentication would be considerably harder to implement and that was sorted relatively quickly.

pafpcg

I'm not disputing that a handful of competent software engineers could program the necessary changes in a few hours, but implementing them? Your understanding of how changes are specified, approved by management, a project management team assembled, scheduled, designed, programmed, documented, go through quality control, merged with existing systems and documented, tested and the results documented, audited and the results documented, planned for release, support staff trained on the new functionality and get final approval for release by management at big organisations where IT systems are the bedrock of their operations must be very different to my understanding. And since we're talking about financial processes, all these stages will likely be monitored not just by internal auditors and the security assurance team but by the bank's external auditors.

masonic

pafpcg wrote: »

I'm not disputing that a handful of competent software engineers could program the necessary changes in a few hours, but implementing them? Your understanding of how changes are specified, approved by management, a project management team assembled, scheduled, designed, programmed, documented, go through quality control, merged with existing systems and documented, tested and the results documented, audited and the results documented, planned for release, support staff trained on the new functionality and get final approval for release by management at big organisations where IT systems are the bedrock of their operations must be very different to my understanding. And since we're talking about financial processes, all these stages will likely be monitored not just by internal auditors and the security assurance team but by the bank's external auditors.

You can string it out to a lot of words but it's still easy to implement. Examples of things that are difficult to implement would be faster payments, a whole new online banking infrastructure (TSB), a payment system with a 'name check' feature, paym, 2FA, etc etc.

I'm not suggesting that easy means just a few hours work, but certainly not a few years.

Plus, account nicknames could be part of the implementation of 'name check' so as not to duplicate all that paper pushing, or it could be part of one of the other minor feature upgrades we see from time to time.

pollypenny

Without all the quibbles, surely it's better to know whether your money is reaching Evans Electrics rather than Jonathan Adepi in Nigeria?

Names should help stop the intercepted and falsely emailed bills.