No Going Back | July 14, 2004
I bank with First Direct. They were one of the first "telephone only" banking services in the UK and were amongst the first to adopt internet banking.
I've been pretty happy with their online service despite the fact that - until recently - I've not been able to use Safari to access their site. The one annoying thing is that the banking screen is popped open in a window (sans toolbar) to prevent you from using your back button. If you do attempt to go back - using the keyboard for instance - you get the following message.
Your internet banking session has been closed.
This was because either:
- the service remained unused and was timed out for security reasons, or
- you attempted to page backwards
Thank you for using first direct internet banking.
Now the first dozen or so times this happened it really annoyed me. However like a dog that gets electrocuted every time it tries to eat a bone, I eventually learnt not to use my back button on the site. I do sometimes forget, but generally the conditioning has worked.
Now I've always thought not allowing people to use the back button was kind of odd. I've experienced it in other places as well - usually at the end of filling in a multi page form - and the reaction I have goes from the mild annance to extreme frustration. I was never sure if it was a failing of the site designers or if there was actually some deeper reason.
A friend contacted me today about an email he'd received from his online bank Smile, explaining that they were also planning to log people out if they tried to use the back button. Being a developer himself, he contacted them to ask why it was necessary, and this is the answer he got back.
A lot of investigation went into maintaining the functionality of the buttons, however no acceptable, secure way was found to prevent this behaviour without affecting the site's accessibility and compliance with web standards. This is not likely to be changed.
Now I'm not really sure what these security issues are or how addressing them would have impacted on the sites accessibility or compliance with web tandards. If anybody could spread some light on this I'd be grateful as - at the moment - I'm just confused.
Posted at July 14, 2004 9:26 PM