Re: Refunds hide fundamentally insecure system
> In a secure system, customers would initiate payments (cash or BACS) instead of giving payees the authority to take money off them (16-digit numbers, Direct Debit
Not sure what you mean. With my usual bank, for direct debit, I need to authorise a specific receiving account and set a maximum limit. Only the account that I configure is then allowed to debit from mine, and only up to the specified amount per month. I have no need for direct debits so I have never actually tried it though.
> or, craziest of all, "contactless").
I do not understand how does contactless fail to meet your "initiated by the user" requirement. Could you please clarify?