
US banking has wire transfers, but they cost $15-$40 and can only be reversed with the cooperation of the receiving bank. We use them to transfer large sums of money and for transfers that need to be settled immediately; most often for house purchases where both apply.

We do have ACH (single nightly batch), same day ACH (four? batches throughout the day), and the new FedNow (immediate). But all of those involve providing account numbers and we don't like to provide those (both payers and receivers prefer not to give the other participant their ach numbers). Also, there's not a consistent way to link a payment/debit with an invoice, because memo fields don't necessarily show up with the payment.

Also, credit card purchases can be reversed without the cooperation of the merchant. Most issuers are generous with chargebacks (at least historically). You could take a merchant to court if you did a wire transfer, but that's expensive and time consuming.



> we don't like to provide those (both payers and receivers prefer not to give the other participant their ach numbers

This is because in the US, anyone can pull money out of your account with only the ACH numbers; which is an insane design[1]. In most other countries, the worst you can do is deposit money. The equivalent of ACH pulls requires significantly more paperwork and proof of consent by account owner.

1. Much like SSNs, which can be debilitating if not kept secret. US payments run in "true names" magic, and simultaneously expect you to register with your one true name at random places with questionable security practices, and it's your fault if there's a breach.


> This is because in the US, anyone can pull money out of your account with only the ACH numbers; which is an insane design

That’s the default for at least Germany and SWIFT, too. You can ask your bank to disable this, but that means losing the pull functionality completely; I think some banks have an interface to whitelist individually, but the majority doesn’t.

It can become a problem especially when you list your account number publicly somewhere for payments or donations: somebody will eventually use that account number to pay for random stuff. You’re contractually obliged to check your bank statements and ask for a (free) chargeback within a certain period of time (some weeks?).

At our projects, we solve this by having a separate “public” bank account for incoming donations that blocks pulls, and a much less public one for pulls.

Apart from this use case, abuse seems to be rare enough that banks typically don’t expose the functionality to disable but only do it manually when asked specifically. I doubt most people even know they could.


> and ask for a (free) chargeback within a certain period of time (some weeks?)

13 months!


Within six (?) weeks, you can simply charge back and the money will be back in your account very quickly.

After that, it's a much more formal process where your bank has to get in contact with the other bank and it can take weeks.


> In most other countries, the worst you can do is deposit money.

So in the EU, anyone can indeed pull money with your account number (and with RTP that may change someday). But we can also revoke any such direct debit within a certain period of time.

I had to do it once, over my banking app; the money was back the moment after I clicked.


I live in the EU and this is the first I'm hearing of this. I don't think this applies to "the EU" as a whole. Not sure where you're from.


It's a SEPA thing.


Finland is part of SEPA and we definitely don't have the ability to pull money out of someone else's bank account without permission, using only the account number.


You're not a business. Businesses can.


No, businesses cannot pull money out of a Finnish bank account using only the IBAN number.


The "anyone can pull money out of your account" piece is true but it also isn't.

Yes, if a financial institution allows you to originate a debit from another account without verification, you could take money from anyone's account. The max liability you should have given prompt reporting of fraud (less than 60 days) is $50, and if your institution doesn't give it all back then find a new one.

ACH is also technically reversible, whereas wires/other instant transfers are not.

FIs also do fraud checks on ACH, I believe it may be a regulatory requirement now (sometime in the past few years?) to have some form of fraud check before sending originations to the FED. Typically this is verification of the other party being a known entity/account, which would ideally burn fraudsters very quickly.

Most transaction facilitators don't play around with any of this though, and have some "account linking" step before they are willing to originate transactions. Micro-deposits that you would need to verify on the other account.


> This is because in the US, anyone can pull money out of your account with only the ACH numbers

Whoa, I don't blame people for not wanting to provide ACH numbers in that case. Is there any groundswell to provide a system where this doesn't happen?


FedNow is that system. It only sends money. Can request money but it needs to be approved.

However, I'm not sure if it uses different account numbers from ACH. It could be that sharing account numbers could be secure with FedNow and dangerous for ACH.


No, since software is built around existing limitations. I.e., Stripe invoices will generate a single-use account number per invoice, so you can give that to someone who needs to pay. Aligns payment with invoice since they’re 1:1 and you can pull out funds since it’s always empty.


Account-number-only pulls (e.g. ACH Debits) are insane. Where I'm from, people, charities, etc. routinely publish their bank account numbers if they expect to receive money from strangers.


I mean, checks are insane, but they power the economy, so ...



