Geekly Articles each Day
📜 ⬆️ ⬇️

Establishing a “secure connection” with Wells Fargo Bank

The Hacker News forum discusses a non-standard authorization method on the Wells Fargo website. “Secure connection” with the server is “established” in several stages.

loader.jsp

Source
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <title>Loading....</title> </head> <body> <p align="center"> <img src="https://a248.e.akamai.net/6/248/3583/000/wellsoffice.wellsfargo.com/ceoportal/DocumentumRepository/content/images/signon/messaging.gif" width="300" height="30" border="0" alt="Loading Status" /><br /> <img src="https://a248.e.akamai.net/6/248/3583/000/wellsoffice.wellsfargo.com/ceoportal/DocumentumRepository/content/images/signon/statusbar.gif" width="300" height="30" border="0" alt="Loading Status Bar" /> </p> <script type="text/javascript"> var selfClose = function() { self.close(); }; window.onload = function() { setTimeout(selfClose, 10000); }; window.onblur = function() { selfClose(); }; </script> </body> </html>

For reference: Wells Fargo is one of the largest US banks, with an annual turnover of 85 billion dollars. The fourth bank in the United States in terms of assets. With a staff of 270 thousand employees, it operates 9,000 branches in several countries and serves more than 70 million customers.



')
HN discussion participants have several reasons why web developers could implement such a “secure connection setup” with two animated gifs for 10 seconds. For example, a customer could have addressed the problem that “authorization is too fast” or “our users do not feel safe enough”. Perhaps not all users, but some big boss.

There are numerous stories about how customers come up with vague requests: they want a more “solid” design, a more “rich” sound, a more “secure” website. However, they can not formulate specific technical requirements for their request.

Animated gifs are often found as a “fake” download indicator on many sites. On the one hand, there is nothing harmful in them, but still it is not fair to users.

Source: https://habr.com/ru/post/171427/

More articles:


All Articles