You say "They fear having a third party with access to their bank account
number."
You ask "How can we convince them?" Do 'they' never write cheques then?
They're effectively giving away into the public domain more than their bank
account number each time they write a cheque.
If my bank were to allow someone to empty my account just because they know
the account number it would be time to change bank not to change VAN.
It sounds like the real issue is : can you trust any third party (bank or
VAN or anyone else) not to disclose your ID & password so that some 4th
party can 'spoof' your bank into believing that they are you. This is a
completely separate issue to sending your bank account number in an EDI
file via whoever. This kind of fraud takes place every day whether
paper-based or electronic and requires its own risk-assessment.
Does the VAN allow their own internal staff access to your VAN password?
If so, suggest to them that they shouldn't. They should allow their support
staff to reset passwords but should not allow them to read existing ones.
Only you should know your password. That way no-one should be able to
spoof your bank and your EDI transmission should be safer than a paper
cheque.
Kind regards,
Ian Williams
EDI Consultant
Email : [EMAIL PROTECTED]
Phone : +44 (0)20 8481 3423
Ray Schell <[EMAIL PROTECTED]>@LISTSERV.UCOP.EDU> on 21/06/2001 16:07:06
Please respond to Ray Schell <[EMAIL PROTECTED]>
Sent by: Electronic Data Interchange Issues <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
cc:
Subject: Electronic Payments
How can we convince accounting people that electronic payments through
a VAN is just as secure as going through the ACH network set up by their
bank. They fear having a third party with access to their bank account
number. The contract with the VAN is not helpful. It states, "For the
purposes of operation and maintenance we may use, copy, display, store,
and distribute internally your information. . . . . We do not guarantee
that procedures will prevent....improper access to your information".
This looks to me like they are saying they aren't responsible if someone
gives your bank account number out and empties your bank account.
I am not sure that they will go along with the contention
that businesses have been using this method for years and there hasn't
been any business hurt by a fraud through improper access. What has
been the experience of others with Electronic Payments via EDI?
R. Ray Schell, EDI Coordinator
TAMKO Roofing Products, Inc.
417 624-6644 Ext. 3360
[EMAIL PROTECTED]
The opinions expressed are those of the individual and not those of
TAMKO Roofing Products, Inc.
=======================================================================
To contact the list owner: mailto:[EMAIL PROTECTED]
Archives at http://www.mail-archive.com/edi-l%40listserv.ucop.edu/
