Has anyone else ever used PoLi ???

Forums › Off topic › Has anyone else ever used PoLi ???

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | ... | 12

6304 posts

Uber Geek
+1 received by user: 3567

Trusted

Lifetime subscriber

#734629 18-Dec-2012 22:37

Looks like ASB aren't keen on this
https://www.asb.co.nz/story24389.aspx

Rural IT and Broadband support.

Broadband troubleshooting and master filter installs.
Starlink installer - one month free: https://www.starlink.com/?referral=RC-32845-88860-71
Wi-Fi and networking
Cel-Fi supply and installer - boost your mobile phone coverage legally

Need help in Auckland, Waikato or BoP? Click my email button, or email me direct: [my user name] at geekzonemail dot com

Skolink

1081 posts

Uber Geek
+1 received by user: 32

#734634 18-Dec-2012 22:46

coffeebaron: Looks like ASB aren't keen on this
https://www.asb.co.nz/story24389.aspx

Just saw that too! I wonder why I got such a generic response from ASB when I asked about handing over my details to PoLi, way back in August.

mattwnz

20520 posts

Uber Geek
+1 received by user: 4797

#734635 18-Dec-2012 22:52

coffeebaron: Looks like ASB aren't keen on this
https://www.asb.co.nz/story24389.aspx

That's really interesting. Many large companies like Air NZ use this system. If you don't use it they charge you a percentage to pay by credit card. I think direct credit via online banking is a far better option, rather than going through this other system, which I have found to be buggy and difficult to use anyway.

richms

29104 posts

Uber Geek
+1 received by user: 10222

Trusted

Lifetime subscriber

#734650 18-Dec-2012 23:43

thankyou asb for finally outing these man in the middle. However I think that anyone who has used poli (assuming you can detect) should be locked out till they change the password etc.

Richard rich.ms

sidefx

3775 posts

Uber Geek
+1 received by user: 1295

Trusted

#734790 19-Dec-2012 10:18

Skolink:
coffeebaron: Looks like ASB aren't keen on this
https://www.asb.co.nz/story24389.aspx

Just saw that too! I wonder why I got such a generic response from ASB when I asked about handing over my details to PoLi, way back in August.

Just idle speculation, but maybe they needed time to assess it before publicly slagging it off? You'd probably be surprised at how few average people would recognise Poli as such a potentially major secrity risk and report it. And then even less of those reports would actually get through to someone in IT with the time to investigate it and recognise it as a potential problem. Or maybe they were exploring options for some sort of commercial arrangement with Poli (including auditing them, etc) which has now fallen through. Who knows; but it's good to seem one of the banks showing some common sense! :)

"I was born not knowing and have had only a little time to change that here and there." | Octopus Energy | Sharesies
- Richard Feynman

freitasm

BDFL - Memuneh
80658 posts

Uber Geek
+1 received by user: 41070

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#734798 19-Dec-2012 10:26

Basically what this does is give the common user on the street the idea that it is fine giving your bank login details to any third party - and this is never ok.

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

Quic Broadband

Move to New Zealand's best fibre broadband service (affiliate link). Free setup code: R587125ERQ6VE. Note that to use Quic Broadband you must be comfortable with configuring your own router.

khull

1245 posts

Uber Geek
+1 received by user: 133

#734803 19-Dec-2012 10:35

Mauricio is correct, giving your login details is one sure way of asking for trouble. How much do you trust a third party to handle your info?

richms

29104 posts

Uber Geek
+1 received by user: 10222

Trusted

Lifetime subscriber

#734855 19-Dec-2012 11:45

khull: Mauricio is correct, giving your login details is one sure way of asking for trouble. How much do you trust a third party to handle your info?

Its not a matter of trusting them, its about violating your agreement with the bank not to disclose them therefore being liable for anything that happens with them.

Richard rich.ms

Behodar

11101 posts

Uber Geek
+1 received by user: 6092

Trusted

Lifetime subscriber

#734861 19-Dec-2012 11:53

coffeebaron: Looks like ASB aren't keen on this
https://www.asb.co.nz/story24389.aspx

*sigh* ... that link, when viewed on a phone, takes you to ASB's login page. Server attention span, anyone?

ajobbins

5053 posts

Uber Geek
+1 received by user: 1279

Trusted

#734864 19-Dec-2012 11:55

I'm absolutely dumbfounded that they have gone ahead with this, and that companies are participating!

Obviously they want a solution where the platform doesn't matter and doesn't require any additional software, but to spoof banking websites is insane!

IMHO, this is borderline fraud. It also opens the door for (more) bank phishing sites, or sites pretending to be POLi and your bank as well to capture your details.

Insanity.

Twitter: ajobbins

richms

29104 posts

Uber Geek
+1 received by user: 10222

Trusted

Lifetime subscriber

#734866 19-Dec-2012 11:58

Why dont the banks do a DMCA or whatever on the hosts holding poli since they are clearly going to be re-serving copyrighted material and stuff?

Richard rich.ms

New World

Shop on-line at New World now for your groceries (affiliate link).

richms

29104 posts

Uber Geek
+1 received by user: 10222

Trusted

Lifetime subscriber

#734868 19-Dec-2012 12:00

ajobbins:
IMHO, this is borderline fraud. It also opens the door for (more) bank phishing sites, or sites pretending to be POLi and your bank as well to capture your details.

Insanity.

Nothing borderline at all, they are collecting users login information by misrepresenting themselves as the bank, using their logos etc.

No diff if I was to put a website up at asbbank.secure.no-really-it-is.rich.ms with their logos and pictures of padlocks and other stuff all over it to trick people. I am sure my hosting would get closed, and other bad stuff would happen in no time.

Richard rich.ms

ajobbins

5053 posts

Uber Geek
+1 received by user: 1279

Trusted

#734869 19-Dec-2012 12:00

richms: Why dont the banks do a DMCA or whatever on the hosts holding poli since they are clearly going to be re-serving copyrighted material and stuff?

I suspect the best course of action here is a cease and desist from their lawyers, which I am sure is already on the desk of POLi council.

This is more about security than copyright, and NZ doesn't have DCMA.

Twitter: ajobbins

Behodar

11101 posts

Uber Geek
+1 received by user: 6092

Trusted

Lifetime subscriber

#734873 19-Dec-2012 12:06

I'm just shocked that reputable retailers such as Air NZ support this service (and by extension think that it's a good idea).

nickb800

2735 posts

Uber Geek
+1 received by user: 829

Trusted

#734876 19-Dec-2012 12:13

Behodar: I'm just shocked that reputable retailers such as Air NZ support this service (and by extension think that it's a good idea).

[warning: cynical viewpoint] It helps them justify their $4 credit card payment fee*, because they can say 'but hey, theres a free alternative - PoLi'

*Which is a total rort if the fare is under ~$200, as it is a fixed fee to cover CC surcharge, which is typically around 2% for Visa and Mastercard (hard to get an accurate figure)

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | ... | 12