@Edent what baffles me the most is how a large bank with presumably tens to hundreds of security experts can put out a feature like this. They either spotted it (it’s quite a simple MITM attack that a security professional should pick up easily) and put it out anyway. Or they didn’t spot it at all. Either case is baffling.