• Spots
  • Posts
  • Ctrl+V: A shortcut to less stressful ACH transfers

Ctrl+V: A shortcut to less stressful ACH transfers

Why don't banks don't let you copy & paste your account number?

Welcome to Spots, where I highlight interesting, helpful, and odd things I’ve seen in the world of startups. Like what you’re reading? Subscribe here.

Today, I’m sharing a recent rabbit hole I went down re: ACH transfers, as well as some of my favorite reads from around the Internet recently.

One of the most magical user experiences in my life is the “copy code from text” feature on iOS, especially now that every single site requires 2FA. One of the least magical user experiences in my life is scheduling an ACH transfer.

When I send money to someone, it goes something like this:

  • Deeply scrutinize links that request banking information, lest I also end up putting $50,0001  in a shoebox.

  • Eyes dart back and forth to my account information, double and triple-checking that the information is correct as I manually enter each number.

  • Hit send, say a quick prayer, and send money off into the ether.

Tiny man, or giant non-sensical keyboard? Generated by DALL-E

Every time I do this, I think about how frustrating it is that most banks2 do not let users paste their banking information in when making a transfer. Instead, they make you type in the account and routing numbers, digit by painstaking digit. If they do let you paste it in, usually it’s just the routing number and the first entry of the account number - and then they still force you to manually type in the account number to confirm it.

So, why don’t most banks allow for this? A frustrating user experience usually has a reason behind it, so I went looking. There are a few arguments for this pattern, but I don’t think any of them really hold up to scrutiny.

Argument 1: “Real” users don’t copy and paste, only scammers would do that

The argument here is that it isn’t “normal” behavior to paste information into a form, and legitimate humans will type their answers in.

I can see some merit to this when the field is for something like e-mail or birthday - the kind of stuff you know by heart. In those cases, it makes sense to me that pasting information in should at least throw up some red flags. Account and routing numbers, however, are not readily or commonly memorized.

Argument 2: We want to reduce errors by making sure someone has to physically input the data

This feels like…the opposite of what I’d expect to happen. You know what has zero error? Me copying my account and routing number from my banking website. Seems more likely I’ll fat thumb a number than somehow lose some digits on the clipboard as I Ctrl + C and Ctrl + V from the source of truth.

Argument 3: Allowing users to copy data exposes it

The argument here is that the clipboard isn’t secure, and therefore you shouldn’t be able to copy sensitive information onto it. But rarely are banks stopping you from copying the data - it’s the pasting they are disallowing. So you’ve already got the sensitive data on your clipboard, they’re just preventing you from putting it anywhere.

I don’t think these reasons hold water, and they start to feel particularly leaky when you remember that your account and routing number aren’t really all that confidential. Ever written a check and handed it over to someone? Great, that person now has the very information that these developers are working so very hard to make sure you can’t paste!

The good news is there does seem to be a trend in the right direction. More modern banking platforms encourage copying data (see: Mercury, Ramp), and accept pasted data. And the increased adoption of password managers should only accelerate this.

So if you know someone at a legacy banking institution (looking at you, ex-Capital One friends reading this), get this on their radar as a quick win. And if I’ve missed some huge reason that this is actually a feature and not a bug - let me know in the comments on the post or by replying to this email.

Thanks for reading! I’m trying something new, and also sharing a few of my favorite reads from around the Internet over the last few weeks. Many of my research rabbit holes are sparked by content just like this:

  • Something topical: Patrick McKenzie’s deep dive into check cashing, as well as his primer on checks

  • Something I’m excited about: The Agora Initiative’s $10k grant competition for DMV-based female founders (disclaimer: I’m on the organizing committee for this!). Share with people you think should apply!

  • Something thought-provoking: The Hoffman Wobble, which is a fictionalized-but-mostly-true story about how easy it is to fabricate things into reality on the Internet

  • A fun deep dive: A lost color that was once worth more than gold.

1  Let me know if you want to hear my conspiracy theories on this one. But I understand if you’re too wrapped up in Kate-Gate to take something new on.

2  Obligatory “Ramp/Mercury/Brex/Meow/etc is not a bank disclosure”. See relevant tweet/Xeet

Join the conversation

or to participate.