Comment by CodesInChaos
4 hours ago
> iDeal system, which in my opinion is the gold standard of how internet payment should work
Is it? I see it more as an underwhelming fix for SEPA Direct Debit's inability to verify payment data synchronously.
* iDeal doesn't support basic features like pre-authorization. I'm not even sure if it supports setting up a payment agreement without triggering an immediate payment at all (pretty sure it didn't, when we integrated it a couple of years ago).
* It hands over the customer's IBAN, which isn't really that much safer than a credit card number, since any merchant can trigger a SEPA Direct Debit using it. While you can trigger a chargeback, that requires you to actively monitor for fraudulent transactions, which a decent system wouldn't allow in the first place.
* iDeal recurring payments are SEPA Direct Debit, with all their downsides, like taking days to confirm and a payment that fails due to insufficient funds in the customer's bank account resulting in a significant fee the merchant has to pay (and will probably pass on to the customer).
And Wero has one of the worst, least informative websites I have ever seen. So it's really hard to figure out how it works, and what it supports.
> It hands over the customer's IBAN, which isn't really that much safer than a credit card number, since any merchant can trigger a SEPA Direct Debit using it.
Yes. And they would quickly lose their ability to process any payments. This is the exact same idea as how credit cards work. I don't see my IBAN as a secret, all my friends have it, as thats how they can send me money right to my account.
> that requires you to actively monitor for fraudulent transactions, which a decent system wouldn't allow in the first place.
So that rules out credit cards too, exact same system.
I'm not familiar with pix mentioned in the other threads, but I am not familiar with any other system that is better
No. The bank gives you a prominent notification when someone new gets a direct debit authorization for your account. And a merchant gets banned quickly when they misuse their debit authorization.
> pre-authorization
If you need pre-authorization use credit, iDeal is a debit system.
> It hands over the customer's IBAN
SEPA Direct Debit requires my consent one time on my banking app.
Giving out your IBAN number is generally safer then giving out your Credit card number, date of expiration and cvv code.
Additionally it allows for things like name to account checking, therefore making it less likely you will be scammed.
I was under the impression that direct debit requires an initial authorization from the account owner? Otherwise anyone with your bank account number can pull your account funds and bank account numbers are hardly a private information (unlike a cc where you need the card number/expiry/cvv code and generally a correct address)