Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
fc417fc802 2 days ago

That all makes perfect sense but consider that if they simply punted to the bank as I described they would still get the same benefits only with even less complexity. The bank fundamentally has to do robust identity verification. Any party that needs to handle payments while also lacking a reason to be good at performing in house identify verification really ought to make use of the bank because you are highly unlikely to be better at it than they are.

The entire cumbersome process you describe can be viewed as Google doing a significantly worse job of verifying your identity than the bank would have.

As an aside, I suspect that leaving it to the bank would also provide additional legal protection. Specifically anyone attempting deception will most likely be forced to commit fraud against the bank which will probably be taken much more seriously than otherwise.

mrtksn 2 days ago | parent | next [-]

I agree, in Europe(EU, UK, Turkey and other countries) banks are considered perfect for proof of ID. In UK a bank statement is as good as an ID, in Turkey for example, you can sign in into the government portal through your online banking and it is considered higher level secure authentication and you can take high risk actions(like signing legally binding contracts) that you can't do by signing in just with password and 2FA.

Muromec 2 days ago | parent | prev [-]

The bank has to perform the authorization and identity checks, but the bank will not make them for you, they do them for themselves based on their own risk analysis. The scope of authorization could also be different based on who it's presented to.

The authorization is not transitive so to say.

>As an aside, I suspect that leaving it to the bank would also provide additional legal protection

If it would, they will have to pay the bank for it and the bank should also be willing to accept the liability (spoiler alert -- the will not be willing to accept the liability)

afferi300rina 2 days ago | parent | next [-]

Google wants the authority of a gatekeeper without the overhead of human accountability. They automate the "no" but offer no path to a human "yes."

Muromec 2 days ago | parent [-]

That's all fine, they can want their wants, but then, once the bad cop writes them strongly worded letter and they start throwing tantrums over "regulation".

fc417fc802 2 days ago | parent | prev [-]

> The bank has to perform the authorization and identity checks, but the bank will not make them for you

We aren't talking about authorization, only about identity verification. I'm no domain expert but it is my understanding that banks provide these sorts of services. They certainly already have all the necessary information on hand both for practical reasons (security) as well as legal (KYC and AML laws).

> If it would, they will have to pay the bank for it ...

For the identity verification? Probably, depending on how you went about it. What's the issue? This is already a paid process we're talking about here.

For the additional legal assurance that I described? No, that doesn't cost extra. Please read what I wrote more carefully. It's a transitive property due to the penalties involved in addition to the degree to which the legal system and the bank care (at least assuming my understanding of that legal environment is correct).