Thursday, February 9, 2012

Internet Banking Experiences From Tester’s Point of View

Obs: I am not going to reveal the names of the banks in question for the time being. However, I might change my mind later and add them here. My intentions are not to show how bad these banks are but to show the bad experiences I’ve had. I’d appreciate it if readers would respect this and not even try to guess the names of the banks in the comment section. However, I do recommend readers to share their experiences and I am not imposing any rules on what you should or should not tell.

I have experiences with Internet banking from S (Finnish), R (Austrian) and T (Romanian). The experiences differ widely from a UX point of view. In this post I will put in plain words some of the obscurities I have seen with the Internet services of these banks. Please note already at this point that in my opinion an Internet bank should be top-notch from a quality, usability and user experience point of view. Not only because my examples are hugely profitable and wealthy organizations, but also, for example, because they have such diverse end users in their systems. Respecting end users is a must for them.
There is a person who can access my account details. I asked the bank about this and was told they don’t know how it’s possible. I updated my service agreement with them and was told the problem is not going to remain. The problem remains.
There was a big integration project to D (Danish) system which was a disaster. (They lost in Finland almost 30 000 personal and over 2000 corporate customers in about half a year.) Even ATMs stopped working and gave Danish messages in Finland. The online banking integration resulted in people not being able to sign in to the system, getting duplicate payments, receiving error messages in Danish… After this, S has had their fair share of problems with an average of over 1 major/critical issue each year.
I started using them around the beginning of 2008. At this point, the system didn’t need a token or anything that changes; it was enough to know a username and password.
I forgot my password at some point as I hadn’t used their services in a long time. I quickly noticed two things:
1) The system was clever enough to give a different error message for a wrong username and a wrong password.
2) The login page didn’t have a restriction for unsuccessful login attempts.
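The two observations above describe a login page that leaks which usernames exist and allows unlimited guessing. As an added example (not the bank's code; the class name, threshold and lock window are assumptions), this sketch returns one generic message for every failure and locks a username after repeated failed attempts, whether or not the account exists:

```python
import hashlib, hmac, os

MAX_FAILURES = 5      # assumed threshold, not taken from the post
LOCK_SECONDS = 900    # assumed lock window
GENERIC_ERROR = "Invalid username or password."

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class LoginService:
    """Hypothetical in-memory login handler, for illustration only."""
    def __init__(self, clock):
        self.clock = clock      # injected so lock expiry can be tested
        self.users = {}         # username -> (salt, password hash)
        self.failures = {}      # username -> (count, locked_until)
        self._dummy_salt = os.urandom(16)
        self._dummy_hash = _hash("dummy", self._dummy_salt)

    def add_user(self, username, password):
        salt = os.urandom(16)
        self.users[username] = (salt, _hash(password, salt))

    def login(self, username, password):
        now = self.clock()
        count, locked_until = self.failures.get(username, (0, 0.0))
        if now < locked_until:
            return False, GENERIC_ERROR   # same text as any other failure
        # Unknown usernames are hashed against a dummy record so the work
        # done, and the response, match those of a real account.
        salt, stored = self.users.get(
            username, (self._dummy_salt, self._dummy_hash))
        matches = hmac.compare_digest(_hash(password, salt), stored)
        if matches and username in self.users:
            self.failures.pop(username, None)
            return True, "OK"
        # Failures are counted for unknown usernames too, so lock behaviour
        # does not reveal which accounts exist.
        count += 1
        locked_until = now + LOCK_SECONDS if count >= MAX_FAILURES else 0.0
        self.failures[username] = (count, locked_until)
        return False, GENERIC_ERROR
```

A production version would also bound the size of the failure table and throttle per source address, which this sketch leaves out.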
Later on in 2010 or so I thought to return as their Internet banking customer. I went to the bank and realized how nicely they had adopted using tokens. I felt security was finally taken care of. Unfortunately, this time the bureaucracy to actually get it working was too much, so I left after 30 – 60 min of trying to get an account.
I wanted to leave the ultimate example as the last. I have seriously considered changing my bank many times because of the problems I have had. I still am. I just haven’t found a (local) bank with much better ensemble.
First was to take Internet banking into use. This happened either with Token/SMS or installing a certificate on the PC and using that for credentials. I wasn’t given a token, but thought to try the SMS option. Surprisingly the SMS option wasn’t implemented. All I saw was “login with password/token”.
Then I thought to try the certificate authentication, but that page returns “SSL peer was unable to negotiate an acceptable set of security parameters.” when trying to access it. I tried to request some certificate via an online service, but never received anything.
Finally I got a token from the bank and I was ready to give it another try. I changed the language to English and noticed the bank cared only to translate part of the essentials. I thought to keep a consistent language all over so I moved back to Romanian. This logs you off their service and asks you to log in again.
An interesting note is that the login screen has Romanian, English, Hungarian and French as the language options. Other parts of their web page had only Romanian, English and Greek (!).
Then some issues from inside the banking system. When you are on the Messages view, the oldest message is on top of messages by default. Always. Change the order, read a message, return to the Messages and notice the default order is again applied.
I paid two bills with great success. The first bill was accepted (I was even prompted “Operation successful!” and presented a green circle to represent “OK”) and I was happy how easy it all was. Until today, 8 days later, when I found I had a new message in the Messages section (there was no alert for it, nothing on the main page to get my attention etc.). The Message was that the operation was not successful because a mandatory input was missing.
The second bill was a success story, too. I had to pay a gas bill of 133 lei and 77 bani (1 ban is a cent of 1 leu), so I logged again to the online bank. I used the numpad for inputting numbers, because it’s more fluent for me like that, so I input 133,77 lei. I authorized the payment and noticed something odd on the screen: I just signed a payment of 13,377.00 lei. It happens that the comma is forcing the amount to kilo-amounts. What a wonderful feature!
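The gas bill case above is what happens when a separator is silently dropped instead of validated. As an added example (not the bank's code; `parse_amount` and its acceptance rules are assumptions), this parser treats a single separator followed by one or two digits as the decimal mark, accepts thousands grouping only in well-formed groups of three, and rejects anything ambiguous rather than guessing:

```python
import re
from decimal import Decimal

def _valid_groups(digits, sep):
    """True if `digits` is 1-3 digits followed by sep-delimited groups of 3."""
    parts = digits.split(sep)
    return (all(p.isdigit() for p in parts)
            and 1 <= len(parts[0]) <= 3
            and all(len(p) == 3 for p in parts[1:]))

def parse_amount(text):
    """Parse a user-typed amount; raise ValueError instead of guessing."""
    s = text.strip()
    if not re.fullmatch(r"[0-9][0-9.,]*", s):
        raise ValueError("amount must contain only digits, '.' and ','")
    seps = [c for c in s if c in ".,"]
    if not seps:
        return Decimal(s)
    last = seps[-1]                       # candidate decimal separator
    other = "," if last == "." else "."   # candidate grouping separator
    head, _, tail = s.rpartition(last)
    if seps.count(last) == 1 and len(tail) in (1, 2):
        # "133,77" or "13,377.00": one decimal mark, optional grouping before it
        if other in head and not _valid_groups(head, other):
            raise ValueError("malformed thousands grouping")
        return Decimal(head.replace(other, "") + "." + tail)
    if seps.count(last) > 1 and other not in s and _valid_groups(s, last):
        # "1,234,567": repeated separator can only be grouping
        return Decimal(s.replace(last, ""))
    # "1,234" could be 1234 or 1.234; "133," and "12,34.5" are malformed
    raise ValueError("ambiguous or malformed amount; ask the user to re-enter")
```

With these rules the input `133,77` yields 133.77, and an input such as `1,234` is sent back to the user instead of being interpreted either way.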
Now I needed to cancel the transaction before it’s done. (I forgot to mention that I did this at 8:30 AM and their Internet banking is performing transactions only 09:00 – 17:00 Monday to Friday. Yes, I am not lying.) I found “Order Tracking”, but there one is allowed only to view transactions, not to do anything on them. Finally from “Operations” -> “Standing orders” I found the payment. I was happy to see there is a Cancel checkbox; until I noticed it’s grayed out. I didn’t have user rights to cancel a payment I did.
Regarding user rights, when I got my Internet banking working, in a way, I had access to only one of my accounts. It took 3 personal visits to the bank to have rights to see details of my other account.

