[Cryptography] Bad and good patterns at my financial vendor
Henry Baker
hbaker1 at pipeline.com
Tue Jan 4 20:42:56 EST 2022
I wanted to hook one of my financial vendors up with another one so that I could easily make wire transfers from one to the other.
Bad pattern: one of my financial vendors wanted my *password* information, which I thought was pretty cheeky. Yes, I trust them pretty significantly already, but giving them a password to a second financial institution seemed a step too far.
Good pattern: this same financial vendor provided another 'manual' method to hook up the accounts, that I thought was pretty clever. I give this vendor my account info for the other vendor (but not the password), and the first vendor will wire transfer a *small random* amount of money -- e.g., $3.14 -- to the second vendor. I must now notice this amount, and confirm with the first vendor the exact amount of money that was transferred to prove to the first vendor that I have access to my account at the second vendor.
Actually, the first vendor will process *two* transactions -- providing 6 decimal digits of information, at a total cost of
More information about the cryptography
mailing list