Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Mark

1547 posts

Uber Geek


#230479 25-Feb-2018 22:22
Send private message

My wife was booking laser tag for the kids birthday and the email confirmation has how to pay the booking fee, the first option use POLi Payment.

 

Anyone used them ?  Because it is a hideous idea if you did!

 

It asks what bank you are, then asks you to type in your customer ID and Password for your bank!

 

Click to see full size

 

I wonder how much help your bank will give you if you've given out your login details to a 3rd party over the interweb :-(

 

 


Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3 | 4 | 5
PhantomNVD
2621 posts

Uber Geek
Inactive user


  #1964117 25-Feb-2018 22:28
Send private message

Everybody here slags on them.

I’ve had to use it once or twice, and never had an issue.

Try search ‘POLI’ and you’ll see heaps of prior discussions 😉

coffeebaron
5717 posts

Uber Geek

Trusted
Lifetime subscriber

  #1964119 25-Feb-2018 22:31
Send private message

I certainly wouldn't use it.




Chorus has spent $1.4 billion on making their xDSL broadband network faster and even more now as they are upgrading their rural Conklins. If your still stuck on ADSL or VDSL, why not spend $195 on a master filter install to make sure you are getting the most out of your connection?
I install - Naked DSL, DSL Master Splitters, VoIP, data cabling and general computer support for home and small business.

 

Cel-Fi supply and installer - boost your mobile phone coverage legally
Rural Broadband RBI installer for Ultimate Broadband and Full Flavour

 

Need help in Auckland, Waikato or BoP? Click my email button, or email me direct: [my user name] at geekzonemail dot com


 
 
 
 


michaelmurfy
/dev/null
9552 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  #1964131 25-Feb-2018 22:38
Send private message

I work for a large bank. They don't support this system at all and think it is incredibly dangerous.

 

Behind the scenes POLi is literally logging into your banking on a virtual machine hosted in AWS. Because of this, it is also very easy for banks to detect POLi and mark it in their fraud detection systems. From this point you've actually breaking the internet banking terms of conditions with most banks since you handed over your details to a third party.

 

Just don't do it, ever. First off payments can't be reversed or dishonored if made (you get no buyer protection) and second even if they don't have a record of fraud it doesn't take much for somebody to scrape your details - all it takes these days is allowing custom CSS (see here: https://news.ycombinator.com/item?id=16422696).

 

Using a Credit Card / Debit Card gives you some sort of buyer protection and fraud protection shopping online.

 

I honestly can't stress this enough - just don't use it.





Intravix
95 posts

Master Geek


  #1964133 25-Feb-2018 22:41
Send private message

PhantomNVD: Everybody here slags on them.

I’ve had to use it once or twice, and never had an issue.

Try search ‘POLI’ and you’ll see heaps of prior discussions 😉

 

Probably because the solution is questionable at best and goes against a lot of the things people are told to think when it comes to online security.  Using it also violates multiple banks' terms and conditions (rightfully, given you are providing your access details to a third party).


Mark

1547 posts

Uber Geek


  #1964142 25-Feb-2018 23:01
Send private message

Oh a VM farm in AWS? That makes me even more pleased I loudly told the webpage to F'off when I read what it wanted me to do :-)

Amazing that Poli list so many big company names who use them, absurd security choice to give your customers.

mattwnz
16739 posts

Uber Geek


  #1964149 25-Feb-2018 23:11
Send private message

Intravix:

 

 

 

Probably because the solution is questionable at best and goes against a lot of the things people are told to think when it comes to online security.  Using it also violates multiple banks' terms and conditions (rightfully, given you are providing your access details to a third party).

 

 

 

 

If that is the case, why aren't banks warning about doing it, including sending out brochures etc to customers. I have used it and haven't had any problems, and is the only way to pay some companies without incurring additional credit card fees. But I use it from a bank and account that has minimal cash with. Otherwise I would pay by direct credit which is IMO just as easy.


richms
23594 posts

Uber Geek

Trusted
Subscriber

  #1964152 25-Feb-2018 23:29
Send private message

They have already had to remove all the banks logos from the service.

 

Really banks should lock any account that logs in from those IPs, and only unlock after a long and thorough investigation has happened. That will get some negative news about poli going when someone cant pay something else because poli got their account locked.





Richard rich.ms

 
 
 
 


michaelmurfy
/dev/null
9552 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  #1964156 25-Feb-2018 23:51
Send private message

mattwnz: If that is the case, why aren't banks warning about doing it, including sending out brochures etc to customers. I have used it and haven't had any problems, and is the only way to pay some companies without incurring additional credit card fees. But I use it from a bank and account that has minimal cash with. Otherwise I would pay by direct credit which is IMO just as easy.

 

The bank I work for has warned its customers multiple times - people don't listen and do it anyway. If we were to block POLi then those customers would likely just go to another bank. In-fact there was an internet banking release not too long ago that unintentionally broke POLi and we had customers telling us to fix it.





ripdog
486 posts

Ultimate Geek

Subscriber

  #1964162 26-Feb-2018 02:31
Send private message

So, when are these banks going to get off their asses and provide a solution like POLi? It fills an incredibly useful gap in every bank's services - low cost, instant confirmation bank transfers initiated from the merchant website.

 

 

 

It's incredibly frustrating to hear banks ragging on POLi for years, but making absolutely no effort to provide a more secure replacement. It seems especially disingenuous when the banks then push credit cards as the alternative - the payment method which so often comes with multiple percentage points of surcharge attached. I wonder how much of that goes to the bank?

 

 

 

Speaking as a kiwibank customer, I wouldn't trust a bank's security advice as far as I can throw it. Kiwibank still has their ridiculous 'keepsafe' system, which they claim is a second factor of authentication. It isn't, of course, because the second factor is only useful if it's an object which can not be easily replicated.


michaelmurfy
/dev/null
9552 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  #1964164 26-Feb-2018 07:02
Send private message

ripdog: So, when are these banks going to get off their asses and provide a solution like POLi? It fills an incredibly useful gap in every bank's services - low cost, instant confirmation bank transfers initiated from the merchant website.

 

Even if a bank offered such a solution to do instant verification bank payments I still wouldn't use it over a credit card due to the fact bank transfers can't be reversed. I can't speak of what is in the pipeline but lets say a solution may be coming. You have to remember, it has to be secure for all parties.

 

It's incredibly frustrating to hear banks ragging on POLi for years, but making absolutely no effort to provide a more secure replacement. It seems especially disingenuous when the banks then push credit cards as the alternative - the payment method which so often comes with multiple percentage points of surcharge attached. I wonder how much of that goes to the bank?

 

Some merchants charge way too much and pocket it. Others charge 2.5% which is around the cost incurred to them. The thing is, you're getting payment protection out of this which people don't understand. I've seen it multiple times where a customer has made a payment via POLi to Jetstar and Jetstar have cancelled the flight - the problem is the customer is in the mercy of Jetstar as they paid with POLi where is in most cases you could load a dispute with your bank if you paid with a credit card and get your money back in these situations. To me, that buyer protection is worth it.

 

Honestly, if you know what I know about this and have seen the type of stuff the fraud teams deal with then you too wouldn't use POLi either.

 

Speaking as a kiwibank customer, I wouldn't trust a bank's security advice as far as I can throw it. Kiwibank still has their ridiculous 'keepsafe' system, which they claim is a second factor of authentication. It isn't, of course, because the second factor is only useful if it's an object which can not be easily replicated.

 

Technically it still is but it is old and not great. It is still, in most cases, better than nothing. It is also a terrible attitude to have because you've got to think your bank has seen it all. If they say something then you should follow it.





timmmay
16399 posts

Uber Geek

Trusted
Subscriber

  #1964166 26-Feb-2018 07:15
Send private message

Mark: Oh a VM farm in AWS? That makes me even more pleased I loudly told the webpage to F'off when I read what it wanted me to do :-)

 

AWS is quite secure if set up correctly, definitely more secure than running Javascript on the average web browser given how poor some people are at keeping OS / software / etc up to date.


Lias
4228 posts

Uber Geek

Trusted
Lifetime subscriber

  #1964171 26-Feb-2018 07:46
Send private message

I've used Poli regularly over the last few years, never had an issue. If the banks want to wipe it out, all they need to do is stop merchants charging additional fees for credit cards, or offer a safe alternative that costs the customer nothing and is as convenient and quick.

 

Banks need to tighten up on merchants charging fees, and incidentally they need to make paywave mandatory.. so sick of going to shops, even major chains, and "no paywave" stickers on the eftpos machines.





sbiddle
29218 posts

Uber Geek

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  #1964185 26-Feb-2018 08:01
Send private message

Lias:

 

I've used Poli regularly over the last few years, never had an issue. If the banks want to wipe it out, all they need to do is stop merchants charging additional fees for credit cards, or offer a safe alternative that costs the customer nothing and is as convenient and quick.

 

Banks need to tighten up on merchants charging fees, and incidentally they need to make paywave mandatory.. so sick of going to shops, even major chains, and "no paywave" stickers on the eftpos machines.

 

 

Credit card fees have nothing to do with the banks. They're goverened by the Reserve Bank, and the sole reason they are now legal is because of a Court case the Commerce Commission took against credit card companies that backfired badly on them. One of the consequences of the court case was effectively making credit card surcharges legal in NZ (they weren't previously). This backfired badly with credit card companies pushing Platinum cards with even higher interchange rates.

 

Many stores that intentionally don't have Paywave take this approach because they don't want to see their credit card fees skyrocket.

 

The Reserve Bank inquiry into interchange fees was supposed to come out around the middle of last year. There has been silence from the incoming government who were very vocal about this when in opposition.

 

 


coffeebaron
5717 posts

Uber Geek

Trusted
Lifetime subscriber

  #1964186 26-Feb-2018 08:06
Send private message

ASB do a product called "Online EFTPOS". But low adoption at this stage, and of course only applicable if you're an ASB customer.




Chorus has spent $1.4 billion on making their xDSL broadband network faster and even more now as they are upgrading their rural Conklins. If your still stuck on ADSL or VDSL, why not spend $195 on a master filter install to make sure you are getting the most out of your connection?
I install - Naked DSL, DSL Master Splitters, VoIP, data cabling and general computer support for home and small business.

 

Cel-Fi supply and installer - boost your mobile phone coverage legally
Rural Broadband RBI installer for Ultimate Broadband and Full Flavour

 

Need help in Auckland, Waikato or BoP? Click my email button, or email me direct: [my user name] at geekzonemail dot com


Aredwood
3885 posts

Uber Geek


  #1964187 26-Feb-2018 08:07

ASB have a system to accept eftpos payments online. But my understanding is that it only works with ASB accounts.

https://www.asb.co.nz/banking-with-asb/online-eftpos-and-asb-mobile.html

Edit - Coffeebaron beat me to it.





 1 | 2 | 3 | 4 | 5
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic




News »

Amazon introduces new Echo devices
Posted 25-Sep-2020 11:56


Mad Catz introduces new S.T.R.I.K.E. 13 Mechanical Gaming Keyboard
Posted 25-Sep-2020 11:34


Vodafone NZ upgrades international submarine network
Posted 25-Sep-2020 09:09


Jabra announces wireless noise-cancelling airbuds, upgrade existing model
Posted 24-Sep-2020 14:43


Nokia 3.4 to be available in New Zealand
Posted 24-Sep-2020 14:34


HP announces new HP ENVY laptops aimed at content creators
Posted 24-Sep-2020 14:02


Logitech introduce MX Anywhere 3
Posted 21-Sep-2020 21:17


Countdown unveils contactless shopping with new Scan&Go tech
Posted 21-Sep-2020 09:48


HP unveils new innovations for businesses adapting to rapidly evolving workstyles and workforces
Posted 17-Sep-2020 15:36


GoPro launches new HERO9 Black camera
Posted 17-Sep-2020 09:45


Telecommunications industry launches new 5G Facts website
Posted 17-Sep-2020 07:56


New Zealand ranks 3rd in world in GSMA index
Posted 15-Sep-2020 10:13


Trend Micro Security Suite adds web monitoring to prevent identity theft
Posted 14-Sep-2020 15:37


NVIDIA to acquire Arm for US$ 40 billion
Posted 14-Sep-2020 12:27


Epson launches its next gen A3+ colour EcoTank multi-function printer
Posted 10-Sep-2020 16:08



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.