Banking Via Twitter?
In the latest example of how just because you can do something doesn't mean you should, one credit union has decided to offer a new feature, dubbed "tweetMyMoney," that allows members to interact with their accounts via Twitter. Can't wait for the next version, "tweetSomeoneElsesMoney." "tweetMyMoney, available exclusively to Vantage members! With tweetMyMoney, you can monitor your account balance, deposits, withdrawals, holds and cleared checks with simple commands. And, you can even transfer funds within your account. It's all available on Twitter, 24/7!"
I've got two words for this: "Bad idea." Seriously, I wonder what genius thought this up.
1. Target needs to be authenticated to the user. This should require some positive action, as opposed to relying on certificates which are mostly ignored and whose provenance is not as strongly assured as was initially advertised.
2. Customer needs to authenticate to the target. Passwords are not enough since humans can remember approximately 1 password only, and only if they use it constantly. The authentication should change and replays should be rejected.
3. Customer must affirm details of the transaction before it is committed. This too must use some method that is changeable and disallows playback.
Ideally a transaction will have all these elements in one idempotent package, the way for example a check might if the signature were a better biometric than it is and if the signature were checked always. That is however technically awkward on a net, so the 3 elements listed may need to be separately done. Omitting any of the elements allows different classes of attacks. If all the elements are present and tied together, attacks become very hard. Also, note, step 3 makes it largely irrelevant whether the customer is declared not-present afterwards or not. It serves also to terminate the transaction. Whether another transaction is begun or not is for the most part immaterial. (A method I have advocated to accomplish these would allow several transactions to be tied together if desired, in one session, but there would always be a "signature" or "affirmation" step for each, even if the initial authentication steps were recent enough to continue to use them.)
This needs hardware. However it can be done very cheaply; the hardware needed can in quantity be had for perhaps $3 a copy, possibly less, even as electronics. Paper approximations could be far cheaper still.
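The three elements the comment above lists (bank proves itself to the customer, customer proves itself without a replayable secret, customer affirms the exact transaction before it commits), as an added example. This is not the poster's own "method I have advocated", nor any bank's code; it is a sketch of how a cheap shared-key token with a monotonic counter could satisfy all three. The key names, message layouts, the counter-based replay check and the sample transaction are my assumptions. What the snippet cannot show is the part that makes element 3 meaningful in practice: the token must display the transaction details on its own screen before the customer presses "affirm", otherwise a compromised PC or phone can change what is being signed.

```python
"""Added example (not from the thread or any bank's product): the three
authentication elements from the comment above, using a shared-key token.
All names, message formats and the counter scheme are assumptions."""
import hashlib
import hmac
import os
import secrets


def mac(key: bytes, *parts: bytes) -> bytes:
    # Length-prefix every field so "12|345" and "123|45" cannot collide.
    h = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        h.update(len(p).to_bytes(2, "big"))
        h.update(p)
    return h.digest()


def canonical(tx: dict) -> bytes:
    # Deterministic encoding of the transaction the customer is affirming.
    return "|".join(f"{k}={tx[k]}" for k in sorted(tx)).encode()


class Token:
    """Customer-side device: a secret provisioned at enrollment plus a
    monotonic counter, so every authenticator it emits is fresh."""

    def __init__(self, key: bytes):
        self.key = key
        self.counter = 0

    def check_bank(self, nonce: bytes, proof: bytes) -> bool:
        # Element 1: the bank proves knowledge of the shared key before the
        # customer trusts anything it says (no certificate to click through).
        return hmac.compare_digest(proof, mac(self.key, b"bank", nonce))

    def _next_counter(self) -> bytes:
        self.counter += 1
        return self.counter.to_bytes(8, "big")

    def login(self) -> tuple[bytes, bytes]:
        # Element 2: one-time login authenticator; the counter makes it non-replayable.
        c = self._next_counter()
        return c, mac(self.key, b"login", c)

    def affirm(self, tx: dict) -> tuple[bytes, bytes]:
        # Element 3: affirmation bound to the exact transaction details.
        c = self._next_counter()
        return c, mac(self.key, b"affirm", c, canonical(tx))


class Bank:
    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = 0  # highest counter value accepted so far
        self.ledger: list[dict] = []

    def prove_identity(self, nonce: bytes) -> bytes:
        return mac(self.key, b"bank", nonce)

    def _accept_counter(self, c_bytes: bytes) -> bool:
        c = int.from_bytes(c_bytes, "big")
        if c <= self.last_counter:
            return False  # replay (or an old message arriving late)
        self.last_counter = c
        return True

    def verify_login(self, c: bytes, proof: bytes) -> bool:
        # Check the MAC first so a forged message cannot burn a counter value.
        ok = hmac.compare_digest(proof, mac(self.key, b"login", c))
        return ok and self._accept_counter(c)

    def commit(self, tx: dict, c: bytes, proof: bytes) -> bool:
        ok = hmac.compare_digest(proof, mac(self.key, b"affirm", c, canonical(tx)))
        if not (ok and self._accept_counter(c)):
            return False
        self.ledger.append(dict(tx))
        return True


def demo() -> dict:
    """Runs the exchange once and returns what each step decided."""
    key = secrets.token_bytes(32)  # provisioned out of band at enrollment (constructed)
    token, bank = Token(key), Bank(key)
    r = {}
    nonce = os.urandom(16)
    r["bank_authentic"] = token.check_bank(nonce, bank.prove_identity(nonce))
    r["impostor"] = token.check_bank(nonce, Bank(secrets.token_bytes(32)).prove_identity(nonce))
    c, p = token.login()
    r["login"] = bank.verify_login(c, p)
    r["login_replay"] = bank.verify_login(c, p)
    tx = {"from": "savings", "to": "checking", "amount": "250.00"}  # constructed sample
    c, p = token.affirm(tx)
    r["commit"] = bank.commit(tx, c, p)
    r["replay"] = bank.commit(tx, c, p)                         # same affirmation again
    r["tampered"] = bank.commit(dict(tx, amount="2500.00"), c, p)  # details changed
    c2, p2 = token.affirm(tx)
    r["second_ok"] = bank.commit(tx, c2, p2)                    # fresh affirmation
    r["ledger_len"] = len(bank.ledger)
    return r


if __name__ == "__main__":
    print(demo())
```

The point of tying the counter and the transaction details into one MAC is the one the comment makes: a captured affirmation is useless a second time, and an altered amount no longer verifies, so omitting either the freshness or the binding reopens a class of attack.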
This seems like a GREAT way to lose all your money quickly.
I guess after it happens, you'll at least have something to really tweet about (as opposed to the fact you bought the new Britney Spears album - no one cares!).
How about the very idea of banking by twitter? What twit thought THAT one up??
I don't need Twitter for that -- I just call the bank and talk to a human.
Now we see why the banking industry is so screwed; it's run by morons.
Tweet: you're broke. :) Thank you for choosing stupidity banking.
120 characters isn't big enough for my account balance.
"This Twitter thing, yeah, it's all, like, Web Two Point Oh, and customer synergy interaction right, and then people can, like, interact with their data and it'll be all like, in the Cloud! Yeah!"
I can guarantee something very much like the above took place in their marketing department shortly before this was built. I've spent 10 years listening to this from marketing geeks - nothing more dangerous than a new technology half-understood.
As long as I'm throwing caution to the wind, I'd like to hear some embedded MIDI while I bank.
While the public messages get all the press, people who don't use twitter may not realize that you can send direct messages on twitter, which are private. That's what this system is using.
So when I receive a twit from my bank about someone else's account will a judge order my account disabled?
While the public messages get all the press, people who don't use twitter may not realize that you can send direct messages on twitter, which are private. That's what this system is using.
Private? Yes. Encrypted? Not so much.
I also don't see the point of all the critics. Everyone alludes to how easily someone can steal your money with this. Ok... how?
Why would you purposely introduce another entity between you and the bank? A decidedly non-secure entity.