Any interest in a "import from bank website" command?
Tommy Trussell
tommy.trussell at gmail.com
Thu Dec 13 11:36:26 EST 2007
On Dec 13, 2007 12:17 AM, Beth Leonard <beth at oasis.slimy.com> wrote:
> On Wed, Dec 12, 2007 at 09:11:43PM -0800, David Barrett wrote:
> > So, with all that in mind, if I were to create a "File :: Import :: Bank
> > Website" command that pulls through the expensify.com OFX gateway, would you
> > use it? How can I satisfy your fraud concerns? Or is the feature itself
> > simply not interesting?
...
> I for one wouldn't use such a feature, but I don't want to speak for
> others. I think very very few people would be interested in giving
> you their login information, especially if they know you're going to
> use their account to verify if a particular bank works or does not
> work. Generally speaking that's a very bad idea -- both
> for them and for you. You don't want to be responsible for the
> professional hackers who try to compromise your site, because they
> know that others' data is stored there.
Yet another reason NOT to do this -- I believe sharing my login
credentials is specifically forbidden under my online agreement with
my bank. If I were to do so, I suspect the bank would presume my
account could not be trusted and I would lose any protection they
offer against fraudulent transactions as of the date I shared the
login information with a third party.
SO when someone steals my credit card, if the bank were aware I had
shared the credentials, my bank might legitimately ask how I can be
certain any of the transactions are valid, and refuse to recover any
money lost to fraud after the physical card is compromised because it
would almost certainly exceed the number of days "grace period" you
get after you are aware of the compromise. In my experience banks
rarely invoke the US liability limit of $50 per credit account. I'm
not certain how the US law is written, but I suspect you would lose
any protection the law offers after sharing the credentials. I'm not
certain it would play out that way, but I don't think it's worth
experimenting with.
I have already canceled two cards this calendar year ... one because
of a single mysterious transaction, and one because the physical card
was lost. I take a strict attitude regarding my bank transactions.
P.S.: I got an email today from Kofi Annan saying the United Nations
will pay $400,000 to anyone who has been scammed online. Surely it's
legitimate! ;-)
More information about the gnucash-user
mailing list