Skip to main content

An open letter to Kiwibank

Dear Kiwibank,

My suggestion isn't actually sensitive hence posting it on my blog. This could be a game changer for Kiwibank though.

I want support for requesting payments. I've run into "POLi" before, and it's rubbish - the fact it requires a particular operating system and browser, requires letting untrusted third-party code log into the user's bank account and "take control". Terrible for an untrusting geek like myself who wants to pay for a flight...
I realize POLi isn't the problem, or a Kiwibank product, but it is the current best solution because no bank is willing to lead and create a proper (and secure) solution to real time paying with online banking.

It would be a great benefit to many people, including trademe users, and small businesses who might need to take payments and deposits online. Heres how I imagine it could work:

  1. People wanting paid would be able to go to
  2. set up and email their payment request/invoice 
  3. you provide a secure gateway for the recipient to pay - if they are also your customer it could be a direct bank transfer or they could pay via credit card.

Other various considerations:
  • My main concern with using a system like this would be the trust of the identity of whomever I was paying. A bank given assurance of the receiver's and/or business name would stop phishers.
  • You would ideally provide at least a basic invoice creator page to upload logo's and customize a template. Wouldn't be hard to one up paypal on that front.
  • Once the payment is made you optionally alert the receiving party. Possibilities exist for automated behaviours on receipt.
  • With an api enabling websites to create and embed these requests dynamically you would be the bank of choice in no time.
  • Long term vision would be a worldwide bank-to-bank standard protocol but let's not rock the boat too much. Although Kiwibank leading the charge would  make me very proud.
Your already happy customer,

Brian Thorne

p.s. Why isn't the contact form linked to from your home page using an encrypted connection? If I'm on a public network you've just asked for my customerID and my question could be sensitive...

Popular posts from this blog

My setup for downloading & streaming movies and tv

I recently signed up for Netflix and am retiring my headless home media pc. This blog will have to serve as its obituary. The box spent about half of its life running FreeNAS, and half running Archlinux. I’ll briefly talk about my experience with FreeNAS, the migration, and then I’ll get to the robust setup I ended up with.

The machine itself cost around $1000 in 2014. Powered by an AMD A4-7300 3.8GHz cpu with 8GB of memory. A SilverStone DS380 case is both functional, quiet and looks great. The hard drives have been updated over the last two years until it had a full compliment of 6 WD Green 4TiB drives - all spinning bits of metal though.

Initially I had the BSD based FreeNAS operating system installed. I had a single hard drive in its own ZFS pool for TV and Movies, and a second ZFS pool comprised of 5 hard drives for documents and photos.

FreeNAS is straight forward to use and setup, provided you only want to do things supported out of the box or by plugins. Each plugin is install…

Matplotlib in Django

The official django tutorial is very good, it stops short of displaying
data with matplotlib - which could be very handy for dsp or automated
testing. This is an extension to the tutorial. So first you must do the
official tutorial!
Complete the tutorial (as of writing this up to part 4).

Adding an image to a view

To start with we will take a static image from the hard drive and
display it on the polls index page.
Usually if it really is a static image this would be managed by the
webserver eg apache. For introduction purposes we will get django to
serve the static image. To do this we first need to change the

Change the template
At the moment poll_list.html probably looks something like this:

<h1>Django test app - Polls</h1> {% if object_list %} <ul> {% for object in object_list %} <li><a href="/polls/{{}}">{{ object.question }}</a></li> {% endfor %} </ul> {% else %} <p>No polls are available.</p> …

Python and Gmail with IMAP

Today I had to automatically access my Gmail inbox from Python. I needed the ability to get an unread email count, the subjects of those unread emails and then download them. I found a library on sourceforge, but it actually opened the normal gmail webpage and site scraped the info. I wanted something much faster, luckily gmail can now be accessed with both pop and imap.

After a tiny amount of research I decided imap was the better albiet slightly more difficult protocol. Enabling imap in gmail is straight forward, it was under labs.

The address for gmail's imap server is:

Python has a library module called imaplib, we will make heavy use of that to access our emails. I'm going to assume that we have already defined two globals - username and password. To connect and login to the gmail server and select the inbox we can do: