Skip to main content

An open letter to Kiwibank

Dear Kiwibank,

My suggestion isn't actually sensitive hence posting it on my blog. This could be a game changer for Kiwibank though.

I want support for requesting payments. I've run into "POLi" before, and it's rubbish - the fact it requires a particular operating system and browser, requires letting untrusted third-party code log into the user's bank account and "take control". Terrible for an untrusting geek like myself who wants to pay for a flight...
I realize POLi isn't the problem, or a Kiwibank product, but it is the current best solution because no bank is willing to lead and create a proper (and secure) solution to real time paying with online banking.

It would be a great benefit to many people, including trademe users, and small businesses who might need to take payments and deposits online. Heres how I imagine it could work:

  1. People wanting paid would be able to go to kiwibank.co.nz
  2. set up and email their payment request/invoice 
  3. you provide a secure gateway for the recipient to pay - if they are also your customer it could be a direct bank transfer or they could pay via credit card.

Other various considerations:
  • My main concern with using a system like this would be the trust of the identity of whomever I was paying. A bank given assurance of the receiver's and/or business name would stop phishers.
  • You would ideally provide at least a basic invoice creator page to upload logo's and customize a template. Wouldn't be hard to one up paypal on that front.
  • Once the payment is made you optionally alert the receiving party. Possibilities exist for automated behaviours on receipt.
  • With an api enabling websites to create and embed these requests dynamically you would be the bank of choice in no time.
  • Long term vision would be a worldwide bank-to-bank standard protocol but let's not rock the boat too much. Although Kiwibank leading the charge would  make me very proud.
Your already happy customer,

Brian Thorne

p.s. Why isn't the contact form linked to from your home page using an encrypted connection? If I'm on a public network you've just asked for my customerID and my question could be sensitive...

Popular posts from this blog

Bluetooth with Python 3.3

Since about version 3.3 Python supports Bluetooth sockets natively. To put this to the test I got hold of an iRacer from sparkfun . To send to New Zealand the cost was $60. The toy has an on-board Bluetooth radio that supports the RFCOMM transport protocol. The drive  protocol is dead easy, you send single byte instructions when a direction or speed change is required. The bytes are broken into two nibbles:  0xXY  where X is the direction and Y is the speed. For example the byte 0x16 means forwards at mid-speed. I was surprised to note the car continues carrying out the last given demand! I let pairing get dealt with by the operating system. The code to create a  Car object that is drivable over Bluetooth is very straight forward in pure Python: import socket import time class BluetoothCar : def __init__ ( self , mac_address = "00:12:05:09:98:36" ): self . socket = socket . socket ( socket . AF_BLUETOOTH , socket . SOCK_STREAM , socket .
Read more

Matplotlib in Django

The official django tutorial is very good, it stops short of displaying data with matplotlib - which could be very handy for dsp or automated testing. This is an extension to the tutorial. So first you must do the official tutorial! Complete the tutorial (as of writing this up to part 4). Adding an image to a view To start with we will take a static image from the hard drive and display it on the polls index page. Usually if it really is a static image this would be managed by the webserver eg apache. For introduction purposes we will get django to serve the static image. To do this we first need to change the template. Change the template At the moment poll_list.html probably looks something like this: <h1>Django test app - Polls</h1> {% if object_list %} <ul> {% for object in object_list %} <li><a href="/polls/{{object.id}}">{{ object.question }}</a></li> {% endfor %} </ul> {% else %} <p>No polls
Read more

Python and Gmail with IMAP

Today I had to automatically access my Gmail inbox from Python. I needed the ability to get an unread email count, the subjects of those unread emails and then download them. I found a Gmail.py library on sourceforge, but it actually opened the normal gmail webpage and site scraped the info. I wanted something much faster, luckily gmail can now be accessed with both pop and imap. After a tiny amount of research I decided imap was the better albiet slightly more difficult protocol. Enabling imap in gmail is straight forward, it was under labs. The address for gmail's imap server is: imap.gmail.com:993 Python has a library module called imaplib , we will make heavy use of that to access our emails. I'm going to assume that we have already defined two globals - username and password. To connect and login to the gmail server and select the inbox we can do: import imaplib imap_server = imaplib . IMAP4_SSL ( "imap.gmail.com" , 993 ) imap_server . login ( use
Read more