The UI makes it seem push-based, but it’s actually pull based. There is no technical barrier from pulling from someone’s account. Any malicious entity can do this if they present the bank with a forged hand signature. Or, of course, a malicious bank. Or, of course, a malicious employee at a bank.
Worse, banks won’t let you create a whitelist of accounts that are explicitly permitted pull from your account (called “positive pay” for ACH)
Lol. Wait till you learn that SEPA is pull-based
You do not have control. But you do have laws that allow you to challenge the pull, if you notice it within the window
In what world is SEPA pull based, they can’t just remove money from your account.
Yes, they can.
The UI makes it seem push-based, but it’s actually pull based. There is no technical barrier from pulling from someone’s account. Any malicious entity can do this if they present the bank with a forged hand signature. Or, of course, a malicious bank. Or, of course, a malicious employee at a bank.
Worse, banks won’t let you create a whitelist of accounts that are explicitly permitted pull from your account (called “positive pay” for ACH)