The 2FA on the Oporto app is obscene. You’re logged out every time you launch it, need to enter a text message code to log back in, you get a text and email saying you logged in. Bro I was checking for cheap chicken strips and chips, not accessing the nuclear codes.
As someone who is in tech this made me actually laugh. That’s absolutely utterly ridiculous, but I understand why those engineers were forced to should implement that.
I’m no longer working but my background is tech too, I think it’s because they have a “save this card for next time” so there’s a bit extra needed to for the payment gateway to let you *store card tokens. I suspect they’ve gone a bit beyond the basic requirements though…
Yeah that’ll be why (for ref I’ve actually architected and built something similar to what you’re referring to for a product you may have used). What they’ve done is still over kill though. The first thing someone should’ve asked is “do we really need this feature?”.
None of my cards are saved by a site when an out of the box Google solution does the same thing backed with biometrics. That app can’t compete in that feature space and only exposes users to security risks. I’m betting that costs them millions of dollars to implement and then has cost at least a million to maintain so far all for something to expedite a payment process that could already be expedited whilst also introducing tons risk on their side and a degraded and frustrating user experience.
The 2FA on the Oporto app is obscene. You’re logged out every time you launch it, need to enter a text message code to log back in, you get a text and email saying you logged in. Bro I was checking for cheap chicken strips and chips, not accessing the nuclear codes.
As someone who is in tech this made me actually laugh. That’s absolutely utterly ridiculous, but I understand why those engineers
were forced toshould implement that.I’m no longer working but my background is tech too, I think it’s because they have a “save this card for next time” so there’s a bit extra needed to for the payment gateway to let you *store card tokens. I suspect they’ve gone a bit beyond the basic requirements though…
Yeah that’ll be why (for ref I’ve actually architected and built something similar to what you’re referring to for a product you may have used). What they’ve done is still over kill though. The first thing someone should’ve asked is “do we really need this feature?”.
None of my cards are saved by a site when an out of the box Google solution does the same thing backed with biometrics. That app can’t compete in that feature space and only exposes users to security risks. I’m betting that costs them millions of dollars to implement and then has cost at least a million to maintain so far all for something to expedite a payment process that could already be expedited whilst also introducing tons risk on their side and a degraded and frustrating user experience.
😂😂😂