mikes1531
Member of DD Central
Posts: 6,453
Likes: 2,320
|
Post by mikes1531 on Jan 5, 2014 15:55:34 GMT
If it's a genuinely needed facility then I can raise it again with my fellow directors and ask our advisors to work out how it can be done. With auto-split and the amounts our most active lenders are investing I don't think it's currently a high priority for us. One to keep an eye on for the future though, and if I face a barrage of people on here saying how important it is for them then naturally I'll bump it's priority up a little bit  Thanks for the insight. I personally wouldn't ask for this facility in the current situation, as I'm willing to pick up loan parts in the aftermarket in £100 chunks. If serious consideration is being given to larger loan parts for the bigger loans then I'd probably want to be able to continue with £100 chunks, so please ask those in charge of the setting of the loan part sizes to consider that. I'll leave it to others who would prefer smaller loan parts to be available in the aftermarket to let you know that, either here or more directly.
|
|
mikeb
Posts: 1,072 
Likes: 472
|
Post by mikeb on Jan 5, 2014 20:47:51 GMT
With auto-split and the amounts our most active lenders are investing I don't think it's currently a high priority for us. One to keep an eye on for the future though, and if I face a barrage of people on here saying how important it is for them then naturally I'll bump it's priority up a little bit Thanks for considering it, and explaining a bit of the mechanism behind it -- even with security at the levels you guys are achieving, splitting smaller bids across many loans is better for the risk averse. So in the main auctions, a minimum of £10/£20 is fine IMO. It's the secondary market where I notice that it looks like everything comes up in £100's. I realise there are people plunking down £160k at a single bid at the "high roller and/or underwriter" end, but we're not all able to do that The £1000 per bid thing put me off Thincats before even bothering to join -- and I'm sure I'm not the only one. If minimum bids (auction)/loan parts (aftermarket) of more than £100 appear, then I shall just have to pass them by for now. I'm sure there'll be interesting new stuff coming through the auction side of things in due course!
|
|
unmadem
Member of DD Central
Posts: 377
Likes: 181
|
Post by unmadem on Jan 7, 2014 18:30:34 GMT
As the secondary market is more active it would be useful to see against each loan on the "Loans With Units For Sale" list if you already were an investor. Ideally it would show the amount you had already invested in each loan.
|
|
mikes1531
Member of DD Central
Posts: 6,453
Likes: 2,320
|
Post by mikes1531 on Jan 7, 2014 23:34:45 GMT
As the secondary market is more active it would be useful to see against each loan on the "Loans With Units For Sale" list if you already were an investor. Ideally it would show the amount you had already invested in each loan. Yes, that would be very good to have. While improving that page, I'd also suggest it would be very useful to know how much of a loan is available, so I know whether I have some time to think about it -- because there are thousands of pounds' worth of loan parts for sale -- or have to decide very quickly whether I'm interested or not -- because there's very little being offered.
|
|
j
Member of DD Central
Penguins are very misunderstood!
Posts: 2,188
Likes: 540
|
Post by j on Jan 10, 2014 21:41:09 GMT
Not sure if this has been suggested, but a small column in the 'my account' page beside each loan showing when the next payment is due would be very useful to plan cash flow, instead of having to access every loan individually to check when next tranche is due! Hope it's in the pipeline!
|
|
|
|
Post by pepperpot on Jan 10, 2014 22:44:01 GMT
Not sure if this has been suggested, but a small column in the 'my account' page beside each loan showing when the next payment is due would be very useful to plan cash flow, instead of having to access every loan individually to check when next tranche is due! Hope it's in the pipeline! Good idea, not too big a problem at the moment, but when I've got hundreds(!) of loans to trawl though... The loan parts list on FC is very user friendly, hint hint 
|
|
|
|
Post by Duane Dibley on Jan 11, 2014 17:55:58 GMT
Maybe it's just my pc, but I don't have full functionality using the Opera browser.
For instance the Rate Distribution Graph, the Bid Activity or the hours remaining (just the days).
|
|
mikes1531
Member of DD Central
Posts: 6,453
Likes: 2,320
|
Post by mikes1531 on Jan 25, 2014 22:32:59 GMT
Here are some niggles I have with the sign-in screen... - When I arrive at that screen, I have to click in the first box in order to start entering my email address. Why not have the cursor start there automatically, and save everyone having to navigate there?
- Similarly, when I arrive at the 'memorable data', why not start with the cursor in the input box rather than making the user click in the box first?
- Related to the above, I find it off-putting that as soon as I do click in the memorable data input box I am presented with a red X -- as if I've done something wrong. (I'm may be being overly sensitive here, but I do find it irritating.)
- I think I've suggested before that I'd like to have the option of having the sign-in page remember my email address so that I don't have to key it in every time. It's not as if this is data that only I know. If it's handled via a cookie on my PC, then it's only a security issue if someone else has access to my PC -- and if they have that then they can find out my email address easily enough. So what is the advantage of making me type it in every time?
|
|
|
|
Post by oldnick on Jan 25, 2014 22:51:00 GMT
Here are some niggles I have with the sign-in screen... - When I arrive at that screen, I have to click in the first box in order to start entering my email address. Why not have the cursor start there automatically, and save everyone having to navigate there?
- Similarly, when I arrive at the 'memorable data', why not start with the cursor in the input box rather than making the user click in the box first?
- Related to the above, I find it off-putting that as soon as I do click in the memorable data input box I am presented with a red X -- as if I've done something wrong. (I'm may be being overly sensitive here, but I do find it irritating.)
- I think I've suggested before that I'd like to have the option of having the sign-in page remember my email address so that I don't have to key it in every time. It's not as if this is data that only I know. If it's handled via a cookie on my PC, then it's only a security issue if someone else has access to my PC -- and if they have that then they can find out my email address easily enough. So what is the advantage of making me type it in every time?
Now you mention it, those things mildly bug me too.
|
|
bugs4me
Member of DD Central
Posts: 1,845
Likes: 1,478
|
Post by bugs4me on Jan 25, 2014 23:09:57 GMT
Here are some niggles I have with the sign-in screen... - I think I've suggested before that I'd like to have the option of having the sign-in page remember my email address so that I don't have to key it in every time. It's not as if this is data that only I know. If it's handled via a cookie on my PC, then it's only a security issue if someone else has access to my PC -- and if they have that then they can find out my email address easily enough. So what is the advantage of making me type it in every time?
This suggestion would be an excellent step forward in my book. Maybe AC don't trust users to keep their PC's secure.
|
|
mikes1531
Member of DD Central
Posts: 6,453
Likes: 2,320
|
Post by mikes1531 on Jan 26, 2014 4:06:21 GMT
Here are some niggles I have with the sign-in screen... - I think I've suggested before that I'd like to have the option of having the sign-in page remember my email address so that I don't have to key it in every time. It's not as if this is data that only I know. If it's handled via a cookie on my PC, then it's only a security issue if someone else has access to my PC -- and if they have that then they can find out my email address easily enough. So what is the advantage of making me type it in every time?
This suggestion would be an excellent step forward in my book. Maybe AC don't trust users to keep their PC's secure. That may be, but if the PC isn't secure then what difference would not allowing the retention of the user's email address make? That has to be the most easily obtainable sign-in item. And even if the intruder has that, they still need the important info -- the password and the memorable info. So I really can't see a significant risk increase. If you want risky, consider that if the intruder manages to get logged in, they could transfer any available cash out to their own bank account! That one really does bother me. I'd like that bank account info to be in the system securely, and not easily changed. And in truth, the most likely problem with the current system isn't the intruder, it's the fat-fingered user who mis-enters their details and sends their own money off to the wrong account. My own potential ineptitude scares me more than the hacking risk!
|
|
|
|
Post by bracknellboy on Jan 26, 2014 8:58:13 GMT
A number of sites I use - and I'm sure plenty of others on here - have a 'remember me on this computer' facility. I think that is reasonable: its optional.
|
|
|
|
Post by batchoy on Jan 26, 2014 9:40:13 GMT
A number of sites I use - and I'm sure plenty of others on here - have a 'remember me on this computer' facility. I think that is reasonable: its optional. It all depends on how secure you think your computer is. Out of 10 field sales staff that I work with and who work from home, I have had one had his home office window smashed and his laptop stolen and one had his house burgled and his desktop stolen. In the latter case because he and his wife could not remember all their userids and passwords they had their browser save them, they also wrote the main access password along with any userids and passwords that they couldn't store on a post-it which was stuck to the front of the tower. Suffice to say someone had a field day with the information and it took a couple of months to realize that although his credit and debit cards had not been stolen he needed cancel them, change his bank account, email addresses and re-think what information he used when asked to provide personal information for security questions. Personally I'm wholly against having sites remember ID information be it deliberately through cookies or by allowing browsers to do it. I also dislike the use of bio-metric style questions for security purposes because of the issues that arise should they become compromised, and with the advent of social media unless you lie, a lot of the answers can be retrieved or surmised through a simple trawl of Facebook. Having said that FB is a fantastic tool for carrying out DD for P2P lending, its amazing what you can find out about people, and how many glowing testimonials actually come from best mates or their partners. PS in the case of the laptop it was just as insecure despite having a 10 character password, namely: qwertyuiop
|
|
|
|
Post by chris on Jan 26, 2014 10:30:25 GMT
A complete review and update to the way people sign in to the website is in the pipeline but won't be until Q2 at the earliest. As batchoy says it's not considered good practice to have the site remember any of your login details and when we had our auditors review the websites security they did comment that we were doing it the right way and made various recommendations to improve security. Some of them were a little ridiculous in my eyes (such as minimum 18 character passwords) but reflected current thinking in corporate security. We need to carry out a thorough review of all their recommendations, add in our own ideas, and work out what actually makes sense for our users. A much overlooked factor in security is that it should provide some level of convenience - if you make it too inconvenient for people then they either don't use the service or take their own short cuts which devalue or completely compromise the security choices you're trying to enforce. So I don't know exactly what we'll end up doing yet but I'll do my best to find the best of all worlds - well as much as is possible anyway. |
|
|
|
Post by bracknellboy on Jan 26, 2014 10:49:24 GMT
A number of sites I use - and I'm sure plenty of others on here - have a 'remember me on this computer' facility. I think that is reasonable: its optional. It all depends on how secure you think your computer is. Out of 10 field sales staff that I work with and who work from home, I have had one have his office window smashed and his laptop stolen and one have his house burgled and his desktop stolen. Quite: which is why I always choose to NOT be remembered. But at least I have the option.
|
|
