Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Send Payments #16

Open
mkemka opened this issue Jul 29, 2020 · 15 comments
Open

Send Payments #16

mkemka opened this issue Jul 29, 2020 · 15 comments

Comments

@mkemka
Copy link

mkemka commented Jul 29, 2020

This is a great api. I know there is another comment about roadmaps but is there a plan to actually create a payment through this API?

@d11wtq
Copy link
Contributor

d11wtq commented Jul 29, 2020

👋 Yes, making payments and transfers will be added to the API.

@balupton
Copy link

Looking forward to it to knock off this use case

App Idea: Todo list that punishes you financially by donating costs assigned to each task to a charity that you despise.

For instance: A democrat fails to accomplish task X by the deadline, which they associated $5 in value, the app then sends the $5 to the republican party.

@d11wtq d11wtq changed the title Creating transactions Send Payments & Transfers Aug 13, 2020
@d11wtq d11wtq mentioned this issue Aug 13, 2020
@andrewpriceau
Copy link

+1

@frasertweedale
Copy link

Bring it on! Banking-as-clicking-buttons-in-a-web-UI is soooo 2010. Let me refactor my finances and replace all the tedious manual twiddling with a very small shell script.

@cynix
Copy link

cynix commented Dec 15, 2021

Really keen for this. Any rough ETA?

@s8m7p
Copy link

s8m7p commented Jul 28, 2022

Are there any updates / ETA for payments API?

@liamzebedee
Copy link

Um. Is this ever eventuating? I was very surprised to learn this isn't part of the API.

@johnmee
Copy link
Contributor

johnmee commented Sep 13, 2022

As much as I like the simplicity of stuffing a secret into the header of an https connection, and although I do not really know enough about it to really know, it doesn't strike me as sufficient to keep 'the bad guys' at bay.

We are talking about the programmatic ability to spend money. I expect the security arrangements are exhaustingly tiresome. Not to mention the protocols around what to do after you accidentally and randomly distribute your entire life savings during a "test" run of your script.

Still, someone could throw us a bone, with a hint on how the authentication and authorization will be established, maintained, revoked, etc? And potential mishaps resolved? Any implementation details at all.

@cynix
Copy link

cynix commented Sep 13, 2022

@johnmee this wouldn't be much different from, say, the PayPal API to send money, or any other type of "destructive" APIs. The user of the API is obviously responsible for any actions they take. Can't see why it would require additional authentication mechanisms beyond what is already considered secure. At most I'd expect maybe we'll have to sign some kind of agreement that all sent payments are irreversible before this feature is unlocked on our accounts. If you want to test your script, you should be running on a staging/sandbox environment.

@liamzebedee
Copy link

@johnmee this wouldn't be much different from, say, the PayPal API to send money, or any other type of "destructive" APIs. The user of the API is obviously responsible for any actions they take. Can't see why it would require additional authentication mechanisms beyond what is already considered secure. At most I'd expect maybe we'll have to sign some kind of agreement that all sent payments are irreversible before this feature is unlocked on our accounts. If you want to test your script, you should be running on a staging/sandbox environment.

I understand the concern here from @johnmee. One thing you can do to reduce the risk is design mechanisms into the API that reduce these risks. Some common examples are circuit breakers / daily limits for the outflow of currency. A payments API could set these limits to be low initially to reduce the chances of devs screwing up.

@xMdb
Copy link

xMdb commented Jul 5, 2023

Any updates? It's been a while 😄

@arichtman
Copy link

Fully transferring money may be problematic, perhaps start with initiating payment requests between Up accounts? I'd really like to be able to auto shuffle my money around based on schedules and quotas

@markbrown4 markbrown4 changed the title Send Payments & Transfers Send Payments Mar 21, 2024
@mathewparet
Copy link

I see a lot of security concerns. So probably not a good idea to enable transfers. Or at-least Up should implement some kind of anti-"app-fraud" measure to make sue the app isn't fraud.

However, I'd think that transfer between spending to savers and vise versa within the same up account must not face a security concern as such. In fact, I have a scenario I would like to automate - I have a Tesla and would like to move the cost of charging into an "Electricity". I'd like to automate the process such that as soon as charging is done at home, the cost of charging is calculated and the amount is moved from Spending to the "Electricity" saver.

@balupton
Copy link

balupton commented Jun 17, 2024

Just do what other API / automated banking apps do, where one can trust the connected app completely (no auth, or within limits — amount limits or permit to only certain accounts), or keep it semi-trusted where connected app transactions are queued until manual user approval, either via the Up App or a 2FA method.

@0xdevalias
Copy link

0xdevalias commented Jun 17, 2024

or keep it semi-trusted where connected app transactions are queued until manual user approval, either via the Up App

This would be a nice mix of 'ease of use' with explicit 'human-in-the-loop' safety. It would be SO much less effort to just have to tap a button per transaction (or select the ones I want) to confirm in-app; rather than having to manually write out the full transaction details from my phone each and every time.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests