Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Mark

1653 posts

Uber Geek


#230479 25-Feb-2018 22:22
Send private message

My wife was booking laser tag for the kids birthday and the email confirmation has how to pay the booking fee, the first option use POLi Payment.

 

Anyone used them ?  Because it is a hideous idea if you did!

 

It asks what bank you are, then asks you to type in your customer ID and Password for your bank!

 

Click to see full size

 

I wonder how much help your bank will give you if you've given out your login details to a 3rd party over the interweb :-(

 

 


Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3 | 4 | 5
PhantomNVD
2619 posts

Uber Geek
Inactive user


  #1964117 25-Feb-2018 22:28
Send private message

Everybody here slags on them.

I’ve had to use it once or twice, and never had an issue.

Try search ‘POLI’ and you’ll see heaps of prior discussions 😉

 
 
 
 

Shop now on Samsung (affiliate link).
coffeebaron
6193 posts

Uber Geek

Trusted
Lifetime subscriber

  #1964119 25-Feb-2018 22:31
Send private message

I certainly wouldn't use it.




Rural IT and Broadband support.

 

Broadband troubleshooting and master filter installs.
Starlink installer - one month free: https://www.starlink.com/?referral=RC-32845-88860-71 
Wi-Fi and networking
Cel-Fi supply and installer - boost your mobile phone coverage legally

 

Need help in Auckland, Waikato or BoP? Click my email button, or email me direct: [my user name] at geekzonemail dot com


michaelmurfy
meow
13166 posts

Uber Geek

Moderator
ID Verified
Trusted
Lifetime subscriber

  #1964131 25-Feb-2018 22:38
Send private message

I work for a large bank. They don't support this system at all and think it is incredibly dangerous.

 

Behind the scenes POLi is literally logging into your banking on a virtual machine hosted in AWS. Because of this, it is also very easy for banks to detect POLi and mark it in their fraud detection systems. From this point you've actually breaking the internet banking terms of conditions with most banks since you handed over your details to a third party.

 

Just don't do it, ever. First off payments can't be reversed or dishonored if made (you get no buyer protection) and second even if they don't have a record of fraud it doesn't take much for somebody to scrape your details - all it takes these days is allowing custom CSS (see here: https://news.ycombinator.com/item?id=16422696).

 

Using a Credit Card / Debit Card gives you some sort of buyer protection and fraud protection shopping online.

 

I honestly can't stress this enough - just don't use it.





Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.




Intravix
110 posts

Master Geek


  #1964133 25-Feb-2018 22:41
Send private message

PhantomNVD: Everybody here slags on them.

I’ve had to use it once or twice, and never had an issue.

Try search ‘POLI’ and you’ll see heaps of prior discussions 😉

 

Probably because the solution is questionable at best and goes against a lot of the things people are told to think when it comes to online security.  Using it also violates multiple banks' terms and conditions (rightfully, given you are providing your access details to a third party).


Mark

1653 posts

Uber Geek


  #1964142 25-Feb-2018 23:01
Send private message

Oh a VM farm in AWS? That makes me even more pleased I loudly told the webpage to F'off when I read what it wanted me to do :-)

Amazing that Poli list so many big company names who use them, absurd security choice to give your customers.

mattwnz
20003 posts

Uber Geek


  #1964149 25-Feb-2018 23:11
Send private message

Intravix:

 

 

 

Probably because the solution is questionable at best and goes against a lot of the things people are told to think when it comes to online security.  Using it also violates multiple banks' terms and conditions (rightfully, given you are providing your access details to a third party).

 

 

 

 

If that is the case, why aren't banks warning about doing it, including sending out brochures etc to customers. I have used it and haven't had any problems, and is the only way to pay some companies without incurring additional credit card fees. But I use it from a bank and account that has minimal cash with. Otherwise I would pay by direct credit which is IMO just as easy.


richms
27899 posts

Uber Geek

Trusted
Lifetime subscriber

  #1964152 25-Feb-2018 23:29
Send private message

They have already had to remove all the banks logos from the service.

 

Really banks should lock any account that logs in from those IPs, and only unlock after a long and thorough investigation has happened. That will get some negative news about poli going when someone cant pay something else because poli got their account locked.





Richard rich.ms



michaelmurfy
meow
13166 posts

Uber Geek

Moderator
ID Verified
Trusted
Lifetime subscriber

  #1964156 25-Feb-2018 23:51
Send private message

mattwnz: If that is the case, why aren't banks warning about doing it, including sending out brochures etc to customers. I have used it and haven't had any problems, and is the only way to pay some companies without incurring additional credit card fees. But I use it from a bank and account that has minimal cash with. Otherwise I would pay by direct credit which is IMO just as easy.

 

The bank I work for has warned its customers multiple times - people don't listen and do it anyway. If we were to block POLi then those customers would likely just go to another bank. In-fact there was an internet banking release not too long ago that unintentionally broke POLi and we had customers telling us to fix it.





Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.


ripdog
548 posts

Ultimate Geek
Inactive user


  #1964162 26-Feb-2018 02:31
Send private message

So, when are these banks going to get off their asses and provide a solution like POLi? It fills an incredibly useful gap in every bank's services - low cost, instant confirmation bank transfers initiated from the merchant website.

 

 

 

It's incredibly frustrating to hear banks ragging on POLi for years, but making absolutely no effort to provide a more secure replacement. It seems especially disingenuous when the banks then push credit cards as the alternative - the payment method which so often comes with multiple percentage points of surcharge attached. I wonder how much of that goes to the bank?

 

 

 

Speaking as a kiwibank customer, I wouldn't trust a bank's security advice as far as I can throw it. Kiwibank still has their ridiculous 'keepsafe' system, which they claim is a second factor of authentication. It isn't, of course, because the second factor is only useful if it's an object which can not be easily replicated.


michaelmurfy
meow
13166 posts

Uber Geek

Moderator
ID Verified
Trusted
Lifetime subscriber

  #1964164 26-Feb-2018 07:02
Send private message

ripdog: So, when are these banks going to get off their asses and provide a solution like POLi? It fills an incredibly useful gap in every bank's services - low cost, instant confirmation bank transfers initiated from the merchant website.

 

Even if a bank offered such a solution to do instant verification bank payments I still wouldn't use it over a credit card due to the fact bank transfers can't be reversed. I can't speak of what is in the pipeline but lets say a solution may be coming. You have to remember, it has to be secure for all parties.

 

It's incredibly frustrating to hear banks ragging on POLi for years, but making absolutely no effort to provide a more secure replacement. It seems especially disingenuous when the banks then push credit cards as the alternative - the payment method which so often comes with multiple percentage points of surcharge attached. I wonder how much of that goes to the bank?

 

Some merchants charge way too much and pocket it. Others charge 2.5% which is around the cost incurred to them. The thing is, you're getting payment protection out of this which people don't understand. I've seen it multiple times where a customer has made a payment via POLi to Jetstar and Jetstar have cancelled the flight - the problem is the customer is in the mercy of Jetstar as they paid with POLi where is in most cases you could load a dispute with your bank if you paid with a credit card and get your money back in these situations. To me, that buyer protection is worth it.

 

Honestly, if you know what I know about this and have seen the type of stuff the fraud teams deal with then you too wouldn't use POLi either.

 

Speaking as a kiwibank customer, I wouldn't trust a bank's security advice as far as I can throw it. Kiwibank still has their ridiculous 'keepsafe' system, which they claim is a second factor of authentication. It isn't, of course, because the second factor is only useful if it's an object which can not be easily replicated.

 

Technically it still is but it is old and not great. It is still, in most cases, better than nothing. It is also a terrible attitude to have because you've got to think your bank has seen it all. If they say something then you should follow it.





Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.


timmmay
20373 posts

Uber Geek

Trusted
Lifetime subscriber

  #1964166 26-Feb-2018 07:15
Send private message

Mark: Oh a VM farm in AWS? That makes me even more pleased I loudly told the webpage to F'off when I read what it wanted me to do :-)

 

AWS is quite secure if set up correctly, definitely more secure than running Javascript on the average web browser given how poor some people are at keeping OS / software / etc up to date.


Lias
5566 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #1964171 26-Feb-2018 07:46
Send private message

I've used Poli regularly over the last few years, never had an issue. If the banks want to wipe it out, all they need to do is stop merchants charging additional fees for credit cards, or offer a safe alternative that costs the customer nothing and is as convenient and quick.

 

Banks need to tighten up on merchants charging fees, and incidentally they need to make paywave mandatory.. so sick of going to shops, even major chains, and "no paywave" stickers on the eftpos machines.





I'm a geek, a gamer, a dad, a Quic user, and an IT Professional. I have a full rack home lab, size 15 feet, an epic beard and Asperger's. I'm a bit of a Cypherpunk, who believes information wants to be free and the Net interprets censorship as damage and routes around it. If you use my Quic signup you can also use the code R570394EKGIZ8 for free setup.


sbiddle
30853 posts

Uber Geek

Retired Mod
Trusted
Biddle Corp
Lifetime subscriber

  #1964185 26-Feb-2018 08:01
Send private message

Lias:

 

I've used Poli regularly over the last few years, never had an issue. If the banks want to wipe it out, all they need to do is stop merchants charging additional fees for credit cards, or offer a safe alternative that costs the customer nothing and is as convenient and quick.

 

Banks need to tighten up on merchants charging fees, and incidentally they need to make paywave mandatory.. so sick of going to shops, even major chains, and "no paywave" stickers on the eftpos machines.

 

 

Credit card fees have nothing to do with the banks. They're goverened by the Reserve Bank, and the sole reason they are now legal is because of a Court case the Commerce Commission took against credit card companies that backfired badly on them. One of the consequences of the court case was effectively making credit card surcharges legal in NZ (they weren't previously). This backfired badly with credit card companies pushing Platinum cards with even higher interchange rates.

 

Many stores that intentionally don't have Paywave take this approach because they don't want to see their credit card fees skyrocket.

 

The Reserve Bank inquiry into interchange fees was supposed to come out around the middle of last year. There has been silence from the incoming government who were very vocal about this when in opposition.

 

 


coffeebaron
6193 posts

Uber Geek

Trusted
Lifetime subscriber

  #1964186 26-Feb-2018 08:06
Send private message

ASB do a product called "Online EFTPOS". But low adoption at this stage, and of course only applicable if you're an ASB customer.




Rural IT and Broadband support.

 

Broadband troubleshooting and master filter installs.
Starlink installer - one month free: https://www.starlink.com/?referral=RC-32845-88860-71 
Wi-Fi and networking
Cel-Fi supply and installer - boost your mobile phone coverage legally

 

Need help in Auckland, Waikato or BoP? Click my email button, or email me direct: [my user name] at geekzonemail dot com


Aredwood
3885 posts

Uber Geek


  #1964187 26-Feb-2018 08:07

ASB have a system to accept eftpos payments online. But my understanding is that it only works with ASB accounts.

https://www.asb.co.nz/banking-with-asb/online-eftpos-and-asb-mobile.html

Edit - Coffeebaron beat me to it.





 1 | 2 | 3 | 4 | 5
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

Synology DS925+ Review
Posted 23-Apr-2025 15:00


Synology Announces DiskStation DS925+ and DX525 Expansion Unit
Posted 23-Apr-2025 10:34


JBL Tour Pro 3 Review
Posted 22-Apr-2025 16:56


Samsung 9100 Pro NVMe SSD Review
Posted 11-Apr-2025 13:11


Motorola Announces New Mid-tier Phones moto g05 and g15
Posted 4-Apr-2025 00:00


SoftMaker Releases Free PDF editor FreePDF 2025
Posted 3-Apr-2025 15:26


Moto G85 5G Review
Posted 30-Mar-2025 11:53


Ring Launches New AI-Powered Smart Video Search
Posted 27-Mar-2025 16:30


OPPO RENO13 Series Launches in New Zealand
Posted 27-Mar-2025 05:00


Sony Electronics Announces the WF-C710N Truly Wireless Noise Cancelling Earbuds
Posted 26-Mar-2025 20:37


New Harman Kardon Portable Home Speakers Bring Performance and Looks Together
Posted 26-Mar-2025 20:30


Data Insight Launches The Data Academy
Posted 26-Mar-2025 20:21


Oclean AirPump A10 Portable Water Flosser Wins iF Design Award 2025
Posted 20-Mar-2025 12:05


OPPO Find X8 Pro Review
Posted 14-Mar-2025 14:59


Samsung Galaxy Ring Now Available in New Zealand
Posted 14-Mar-2025 13:52









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.







Backblaze unlimited backup