Hacker News new | ask | show | jobs
by rieTohgh6 1320 days ago
Are you sure it should implemented immediately?

> with an obligation on providers to verify the match between the bank account number (IBAN) and the name of the beneficiary provided by the payer

This will break a lot of payment flows, currently that verification is rarely enforced. For example I have saved "power company" as receiver's name, the transfers still work since everything besides IBAN is ignored.
4 comments
DocTomoe 1320 days ago
Yours may be an extreme example, but verification may be a hard to solve problem once account holder names become too long or have funky characters in it (as is often the case in the EU). For instance, my electricity provider is the

EnBW Energie Baden-Württemberg AG

Yes, EnBW, the shorthand for the name, is PART of the official name, yes, that is an Umlaut, and yes, the name is too long to fit into the standard account holder field of a SEPA transfer. So I send my electricity money to the "EnBW AG", which always worked, but is technically wrong (and technically, there is no obvious "real" solution, because their letterhead and their prefilled paper slips all use the full name, which - again - uses a too long, incorrectly-alphabeticized variant.

Now, for some extra fun, what about legal forms that have a & (illegal character) in it? Kombine GmbH & Co. KG cannot be addressed, but is a valid name.

And how do you teach an 80 year old grandmother - who up to now keeps filling out paper forms - to do this correctly on a screen the sized half a postcard wide?

link
hocuspocus 1320 days ago
The UK came up with a practical solution to implement confirmation of payee.

You need to enter the account holder name and select personal or business (with laxer rules for the latter, I assume). The API returns perfect match or partial match (actual holder name) and allows you to proceed, or no match.

A paper form means there's a human who enters the data at some point, no?

link
DocTomoe 1320 days ago
Hm, given how many of these forms are sent around, I would expect most of them getting scanned and OCRd, with a fallback should checksums no longer match.
link
bo0tzz 1320 days ago
The way my banking app handles that is by displaying a warning: "You entered <foo> but this IBAN is associated with the name <bar>. Do you want to use that instead?" I think that works pretty well.
link
hocuspocus 1320 days ago
Well, this has to come at some point.

Right now the receiving bank can silently start being compliant overnight and you won't know. If there's some official deadline, this gives the opportunity to warn all parties beforehand.

link
hoffs 1320 days ago
Confirmation of payee is nothing new
link