Citi Takes the Cake - Worst Web Banking Experience!

So if you don’t know, I’m a web developer and while I realize that some businesses struggle to have a “great” web experience and presence, I was simply floored today by the terrible experience while trying to simply log in to the citibank website to manage a brand new AA Rewards Mastercard. I expected much better from a bank with over 200 million customer accounts!

First lets give a little background: my primary bank is Wells Fargo, which was one of the earliest banks and I believe the first “big bank” to have an online presence, though for many years they just hosted a simple static website about the bank without online banking in the 90s. Their online banking experience has always been great and they spend a lot of effort these days on being mobile-browser-compatible, which is smart. My previous least-favorite online banking experience was with U.S. Bank a number of years ago, which I used occasionally as the board chair of SEDS-USA. I’m not sure if this is still a feature, but the stupidest thing at US Bank was their “security picture” you verified upon login. I presume this was something only provided after you had provided a username+password to help you verify that you’re not on a fake facsimile of their site or the victim of some types of Man-In-The-Middle (MITM) attacks. Still it seemed that the likelihood of this was very low, so it was a bit of security theater.

Now to Citi’s website today: oh my gosh - these guys appear to still be living back in the early 90s! So to start with the good part - I got an AAdvantage card to save some money on a flight for 2021 due to their $200 back deal and free checked luggage, though I really don’t like American Airlines, so the likelihood that I’ll keep the card long-term is low. But, when I got the card during my ticket purchase process, the card approval process was very well-done and straightforward, they even helped me to set up a username and password for their website, though to log in after my initial setup, you needed to have the physical credit card, which took a few weeks to arrive - that’s where the problems started.

So today, I got my physical card and decided I would go setup my online account - should be easy enough, right? I went to Citi’s website and entered my username and strong+complex password, conveniently stored in my password manager - great! The first thing they ask is for the last 4 digits of your card, the 3-digit code, and your “secret word” to activate the card. It having been a few weeks, my first question was “what is my secret word?” I tried some ideas I might have used, but had no luck. Oh well! So I tried the second idea on the paperwork I got with the card, which said I could register the card via the phone app. I got the app, logged in, which required no “secret word”, and activated the card, or so I thought. But even after this process was done, attempts to login online failed and just brought me to the card activation page with the taunting “secret word”. So I contacted chat support on the app to see if they could help “reset” my secret word. Not possible they said, as apparently my secret word is critical to all of Citi’s security procedures - sigh.

Not one to give up, I asked chat support if calling their phone number would allow me to reset the secret word - “yes” she said, so I told chat support where they could put their secret word and called Citi’s phone system. Of course, once I had gotten far enough through their IVR support to request a human, I was again asked for my secret word, responding “I don’t know!!”. Eventually the fast-talking English-as-a-second-language phone support person was able to help by totally resetting my online account, forcing me to recreate a username + password and my secret word (which I now set to something more memorable). But wait, there’s more!

It appeared that when registering for an online account, none of Citi’s form fields are well labeled, causing my password manager to jump in and attempt to fill them all with my username or password, which was annoying but not the end of the world. More annoying was that they’ve attempted to prevent you from copying text into the “confirm password” field, forcing me to paste my password from the manager into another window so I could manually enter it here - this is generally a best-practices no-no these days, particularly because of password manager support. Next, I got to a page where I needed 3 password reset questions, but filling this out (which should be easy) was absurdly hard due to these 3 things:

The list of possible questions to answer for each of the 3 questions was very limited, providing only 6-7 options, where as most forms like this either let you free-form the question or provide 10-15 options to choose from.

Some of the limited questions may not apply to you depending on your interests (i.e. “What was your favorite sports team as a kid?”) and others requested last-names of specific people, which in my case is a 10 character name of someone I knew in high school that I may or may not remember in 5-10 years.

The biggest issue was that no answer you entered was allowed to have any spaces, which is a big issue if your Elementary School (the answer to many of the questions) does not have a 1-word name (mine is 4 words). I’m not sure how this restriction makes any sense and I’ve never seen it before!

Eventually I did find some options that worked and got my account up and running, but it was daunting - and I’m pretty good with working with websites (I mean I build + break them for a living). I can’t imagine how my mother or grandmother would ever navigate that journey - they’d likely just give up after a few minutes.

So to recap registering an account on citi.com...

Pros:

A high-strength, long password is required and they provide a password strength meter - great!

2FA codes sent by SMS are used in few cases, which is good, but not great.

They do lock you out for attempted tries with the wrong password or secret word.

Cons:

Online forms do not have good support for password managers or copy-paste of data.

Use of a secret word chosen in one of a limited number of categories for verification instead of something more complex like a pin-number seems quite insecure + annoying.

Process is not at all straightforward, meaning many users will give up.

Setting password questions and answers when answers cannot have spaces and question choices are limited is extremely hard.

App appeared to work even without the secret word, which seems scary.

Did we forget about the gas tax?

After congress passed a “fix” to federal highway funding last December, it appears now that oil costs have dropped massively, we have forgotten the need to raise the federal gas tax from 18.4 cents per gallon. It would take approximately a 10 cent raise to bring the tax up to date with inflation, and when many people are paying $1.00-$1.50 per gallon today, they won’t feel much pain from an extra 10 cents.

One notable part of the issue with the 5 year funding fix passed in 2015 is that it assumes a very high price for oil it sold from the national reserve, when the actual price today will be quite low. There’s a good chance that the fix won’t save the highway fund for a full 5 years.

We also need to structure the gas tax in such a way that it keeps funding the roadways for years to come. There is more than one reason why the current tax is not enough anymore. The fact that the 2015 bill basically just raids the Federal Reserve’s piggybanks to pay the bill is a bit of a cheap shot and a one-off fix to the situation.

We deserve better!

This is one of the shops at the Christmas Market in Munich. It's one of the more impressive ones.

In Germany (again)

After hours of flights, we finally made it to Munich and after a search, found our hotel, which is pretty nice. Tomorrow we head off to check out the end of Munich's Christmas market and check out their Christmas eve service.

Oh you Republican Convention, you

Okay, so I just came back to my apartment from watching Hunger Games (again) at the little theater at my apartment complex and figured I'd sit down to see what the Republicans in FL were up to.  I flipped on CNN to see a guy named Artur Davis talking.  What he is saying riled me enough that I think I'll jot down his quotes paired with some real facts.  You know, facts - those things that you may have seen once in school or in research papers or textbooks.  So here goes:

Instead of moving oceans and healing planets, let's pay our bills down and pay down the debt on that wall (points to debt clock) so we control our own future!

It is a proven fact that over the last 30 years, Republican presidencies have resulted in an increase in the national debt, while Democratic presidencies have resulted in net decreases. The image below, compiled from data from the US Office of Management and Budget shows Democratic years in Blue and Republican in Red, see for yourself.

We don't need a party that has led while poverty and hunger rose to record levels to give us lectures about suffering.

Based on the last 30 years of U.S. census data, I made up a nice chart where you can see (excepting the Obama years which have both incomplete data and may only be half-over) that though fluctuations are minor, Republican presidents generally lead to higher levels of population below the poverty line in every racial category and Democratic years show a slight drop in poverty.  I think the data is clear (all data from online Census bureau reports).

When [democrats] say we have a duty to grow government even when we cannot afford it, does it sound like compassion to you? Or does it sound like recklessness?

Many sources have noted again and again that government has actually been getting larger more slowly under Omaha more than it did under Bush (it grew quite a bit from 2000-2008).  This post from the Economist has a very nice "first 4 years" chart that demonstrates this.  Another chart from ThinkProgress shows annualized growth rates per president and you can see how huge it was post-9/11 under Bush versus Obama's first years.  Again, all Presidents have expanded government, but Republicans much more than democrats.

They minimize the genius of the men and women who make jobs out of nothing.

First off, lasting jobs do not come from "nothing".  Good jobs are born due to demand - perhaps untapped demand, but demand just the same.  Kudos to those businesspeople who are able to tap demand and then require workers to make a product, I have no problem with that.  But I believe that "genius" may be going a little too far.  It isn't like these folks created jobs like Harry Potter magic, they simply solved a problem of supply and demand and jobs were the result.

This is my biggest problem with Romney overall.  He constantly states that he can create millions of jobs if he becomes president while shrinking the government.  This is simply impossible.  The only way that presidents can guarantee jobs is to create permanent or temporary government jobs (which then create further private sector jobs).  If they intend to create private jobs, they would need to massively stimulate demand - and you don't have to be a genius to see that a smaller government demands less of everything.  So how will you drive demand Mr. Romney?  I'm all ears.

A democrat cuts the work requirement of welfare in the dead of night and won't tell the truth about it.

Every time Republicans say this, they get rated "Pants on Fire" by Politifact.  Here's Romney, Santorum, Bob McDonnell, the list goes on.  Factcheck.org agrees with Politifact, as does CNN and NPR.  I don't know why they keep claiming this.  Any changes to the work requirement is up to the states now, which is usually the "power to the states" type of rhetoric that Republicans support.  Republicans, always willing to turn on a dime to point fingers at the president for anything - gotta love it.

Now, I have nothing against Romney, actually I think he'd do an okay job.  He's obviously a hard worker (which goes a long way), but I worry that he is way too willing to bend to the will of the far-right and make bad economic decisions (less taxes + more defense spending) that will affect my future for decades.  I just hope that folks I know will look to facts at some point rather than listening only to the Republican or Democratic echo chamber.

Reid released the latest video of the Sagan Series. If you haven't seen one, definitely take the couple minutes to enjoy it.

When the Soviets didn't follow us to the moon, we stopped dreaming about tomorrow...

- Neil deGrasse Tyson

You tell 'em Neil!

Hmm, what couch to get...

I went over to check out Nebraska Furniture Mart today and boy that place is big, as in multiple city blocks big! Quite amazing. Anyhow, I saw some things I liked, but wanted to think about what colors and fashions I wanted in a couch before going back to purchase something. I'm thinking about going with a sleeper sofa in case any guests wanted to have a free place to stay in Omaha. So hopefully I'll get that arranged soon and have a nice place to relax - then I can start working on a desk and a kitchen table.

I spent a good part of the rest of my day working on making backup copies of my opinion pieces from the Iowa State Daily on rickhanton.com. I spent a lot of time on the format over Christmas and it is just a lot of effort to copy-paste each column individually into my website. See my progress so far at http://rickhanton.com/opinions

Good to keep busy.

Found a box

I found a box dating back to just before my freshman year.  In it were a lot of things including letters from many universities that I hadn't even opened.  There were letters from:

Lafayette

U of Rochester

New York University

Rice

U of Chicago

Columbia

Grinnell

St. Thomas

Illinois Wesleyan

Gonzaga

Miami

Boston

South Carolina

Guess I was a popular guy back then.  (also found denial letters from MIT and Caltech, not as exciting)

The proposition is that the current tax structure is designed to take away an equal amount of utility from each group of earners.  While 20% of income is a large amount (in terms of overall utility) to a poor person, it is insignificant to a rich person because as wealth increases, the utility of each dollar decreases.

Saw this this morning before going to sleep. New G.I. Joe trailer: Childhood favorite characters, a battle fought whilst hanging off a cliff on ropes, Bruce Willis cameo, what's not to like?

From 1981 to 2009, the greatest accomplishment of the anti-government Republicans was not to reduce the size of the federal government but to stop paying for it.

Bill Clinton in his new book "Back to Work"

Still Hoping for Rockoons in the Forecast

If you are someone who knows me, you probably have some idea that I've been working off and on with some great guys to develop a working Rockoon for a few years now. I remember back in the Fall of 2007 when the SEDS chapter at MIT started throwing around the idea of building a Rockoon and even making a competition out of it. Late that year, the official announcement came out and I helped form up a team to investigate the idea at Iowa State where there was a rich history of rockoon designs that had never been flown.

Straight from the start, the competition (set up by SEDS) was a bit wishy-washy. The rules stayed in flux for months and in the end the final rules had thrown out many of the good parts of earlier versions. Still, there were at least 3-4 university teams that were interested and everything was good. We started trying to figure out the best way to make it fly while (we hoped) the SEDS projects chair and chairman were busy finding a location for the contest. Fast forward a few years and there are now only 2 teams (from a high point of 6 I think and not including the MIT team that started it all) and we have some form of a good launch site in the Nevada desert, but have had issues with the projects chair dropping out at the last minute and our contacts in Nevada getting all non-responsive on us. Things are bad, good, and everything in-between. On the good side though, John Gottsacker took the reigns of the project from me with a lot of vigor and has since gotten boatloads of cash and, with a team of a half-dozen people, managed to make the rocket setup a reality (still waiting for the electronics to mature).

I have to say, it looks pretty awesome:

Now while these days it seems everyone is mad at everyone else and the two interested groups (IA and AZ) aren't always working together, I still have high hopes that the Rockoon will fly. I have a ton of confidence in and appreciation for all the work John and Nick did on this project through their college careers, and though I had to wait around an extra year for it, I think this year is the year (fingers crossed).

In the end, I hope that everyone learned something from the project and that future projects set up by SEDS can find much more success after a rocky start. Here's one more picture and the youtube test video from last spring if you haven't seen it:

Thoughts Before Sleep

Well, I had a great weekend this weekend and it was much more exciting than most weekends this summer. First off, Tyler and Amanda got married, which was awesome! The service was very sweet and well done and the reception had great food and was very interesting and entertaining (I'll have a few youtube videos that should go viral in a few days ...). After that it was fun to treat Lisa to a wonderful little 21st party around campustown (just don't spill beer on my carpet on Hyland, aaah!). Today was great just to hang out with "the guys" (Jim, Hillary, Samuel, Doug, Nick, and Kristen), hunting gnomes, watching the soccer game, swimming a bit, and finishing with fireworks. Though what I thought was great was just taking the time to look up. We got to see a beautiful ISS pass just before the fireworks started (I was asked "can the astronauts see the fireworks?") and somewhat remarkable to me were the comments of my friends while watching the space station blaze through the sky that went something like: "Can you believe that we built that?" "It's crazy that there are people circling miles above our heads up there." "Just think, we're probably the only ones out here that realize what that dot is going over our heads." "I think my favorite thing about coming out for fireworks was checking out the ISS overhead." It makes me realize that with the right info, the task of "selling space" to people is so simple (yet so hard). Nobody ever stopped thinking that NASA does amazing things, it's just taken for granted. It isn't until you stop and think "Whoa, what we have done is amazing!" that you realize the benefits of the space program. I then had to drive home to Cedar Rapids, but as I went I knew I needed to stop just for a minute to take in the amazing view tonight. I pulled off the road outside of Toledo, turned off the headlights, and just leaned on the hood and gazed at the stars. I think most Iowans don't know how special it is that they have such a beautiful nighttime view. To be able to look up and see more stars than can be counted is something that can only happen in small towns, farm fields, and open pastures and mountaintops. In the big city (where I'm from) it's just a big haze of light pollution. So how do we get the urban 81% of the country to see through the haze to the beauty above? I don't know, but I sure want to figure that out!

People Obviously Don't Understand Government

OK, two issues today. First, the issue of how politicians should act when voting in congress or in state bodies. Then the issue of people criticizing the Obama administration for their response to the oil spill. So first off I heard on NPR about Tom Perriello, a freshman Democrat from VA who many Republicans are gunning for because of his way of using "conviction politics". What he calls "conviction politics" is the fact that he feels that now he has been voted into congress, he should vote for what he feels is right for his district rather than "by the polls". This has been blasted by Republicans right and left as he voted for the stimulus and health care bills. But hold on people, this is how our founding fathers WANTED congress to work. The reason congress exists is for a representative from the people to represent their people in votes, not to poll them on every issue beforehand. Congress specifically isn't about which citizen can yell the loudest. Whenever you vote in an election, you are giving the person you vote for the ability to speak on your behalf and represent you within a body representing the state or country. This is one of the reasons that I think party-line voting is idiotic. You need to vote for those that will best represent you, not those your party tells you to vote for. I also don't like career politicians for the same reason. They live in Washington, so how are they possibly representing your "local" interests? Secondly, the oil spill is a huge problem for everyone and probably will be for some time. The fact that some people are blaming Obama for not preventing the spill or not doing enough to fix it is crazy. As one like-minded person on BBC.com noted, Obama can't don his Superman cape and fly under the sea to plug a stopper in the leaking pipe. He also can't be blamed for allowing BP to cause the leak. The regulations regulating oil drilling were made far before his time. If there is any politician to blame, I might blame Bush and maybe Clinton for having some of the most lax regulations in the world on deep sea drilling. But now at this point, the only thing Obama could seriously do would be to provide the "Russian" option of dropping a nuke down the hole to fix the problem. I personally don't think it's a bad option, but it is a bit close to a lot of populated coastline for that. Other than that, BP and Transocean are the only ones with the technology to fix the problem. This issue simply isn't in the playbook for a group like the U.S. Navy, though maybe it should be. As in all things, hindsight is 20/20 and maybe we can plan better next time. Better yet, we could regulate like Canada and force the drilling of a relief well in conjunction with the main well so that in the future we wouldn't need to wait for months if an issue arises.

New Commercial Spaceflight Reaches New Heights

So, if you were asleep yesterday, you should know that Space Exploration Technologies, or SpaceX for short, conducted a very successful first test launch of their "medium-lifter" Falcon 9 rocket in Florida. This is a huge step forward for the companies that make up the "New Space" part of the space industry, namely new companies that seek to put payloads into orbit like the older existing companies, but to do it faster, better, and cheaper. The short story is that many older aerospace companies launch mostly government payloads (thank you ITAR!, but that's another post) and thus they have little incentive to develop new vehicles and advancements to bring things into space for lower costs because their current contracts are mostly cost-plus (i.e. they name their price plus get more money if they run into problems). This means that the cost of getting to orbit in the U.S. has actually been going up rather than down in recent years and decades. SpaceX and other companies like Orbital Sciences and Virgin Galactic are seeking to change that. SpaceX is a company started by Elon Musk, who was one of the original founders of Paypal, which he envisioned as an online full-service bank (it since turned into something a bit different). After being bought out by Ebay, Elon invested his new cash in SpaceX, Tesla Motors, and a solar panel installer called Solar City (as well as some nice cars etc). Since then, SpaceX has been his baby and he has poured the vast majority of his fortune into making SpaceX profitable (which it now is). The Falcon 9 is actually SpaceX's second successful rocket, following their work on the Falcon 1 (the number designates the number of engines per rocket and more engines equates to a larger rocket). One more iteration of their Falcon rockets that we have yet to see is the Falcon 9 heavy lift version, but we may not experience that rocket for a few years. At the moment, there is a full line of customers waiting to launch on the Falcon 9, so depending on how quickly SpaceX can work, we should see a large amount of great launches in the coming years. If you missed yesterday's launch, here it is for your viewing pleasure: So anyways, I thought it was a great flight and am disappointed by the few short-sighted (or maybe money-sighted) politicians who decried the fact that the Falcon 9 is around a year behind schedule. They should note that engineering is not an exact science. If they looked at other schedule-based programs they would see things like the Japanese H-II which (back in the day) was 2 years behind schedule, they could see the Ariane 5 that took 10 years and $7 billion to develop. In the end, this is a fantastic feat and I want to wish SpaceX the best in future launches and development of launch systems (would a job be too much to ask?).