Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> The US equivalent is ACH, which has the major downside that using only the bank ID (routing number) and account number you can effectively wipe out the target's account

Interesting. I had come to a similar conclusion myself. I noticed that in paying my school fees all I needed was those two numbers (banking routing #, bank acct #) for payment with no further verification. As you have observed all of these details are readily available on paper checks.

One way to mitigate the issue of someone potentially wiping your account is to have two accounts. One public and one private. The private one would contain (most of) your actual funds whilst the public account, which you would share freely as needed would contain just enough funds to complete whatever transactions that you need to do. Sure, it is not as convenient because you have to manage two accounts but at least that way you reduce your exposure to your funds being completely depleted.



I use checking and savings in this way. I think it's pretty common to do so that checking is a revolving fund and doesn't hold any significant money, but it's also common to just have all your money in the one account.

Anyway, good description of ACH above. Very few people understand how it works.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: