[Kmymoney-devel] libOFX question (relates to recent OFX failures with Chase credit card downloads)
Michael Wolfe
wolfemi1 at gmail.com
Thu Dec 10 14:20:40 UTC 2015
As a side note, I am also having this problem; I wasn't aware that there
was something Chase was expecting KMyMoney to send back.
If anyone needs testing for a fix with Chase Bank, I'm available to do
so if there's a testing version available for Windows (or alternatively
some handholding with a code patch so I can build it myself!).
-Mike Wolfe
wolfemi1 at gmail.com
On 12/10/2015 4:53 AM, Thomas Baumgart wrote:
> Hi,
>
> On Wednesday 09 December 2015 19:38:08 Jack wrote:
>
>> Some of you may have seen some other posts I've made about this, but I
>> think I've tracked down the problem.
> Thanks for the information. That helped a lot to identify what's going on.
>
>> Background: last month Chase credit cards made a "security enhancement"
>> change that has made all OFX downloads since 11/17 fail. The error
>> message says to got to the Chase secure message center for info on how
>> to verify your identity, but no such message ever appears. The section
>> at
>> http://wiki.gnucash.org/wiki/Setting_up_OFXDirectConnect_in_GnuCash_2#Chase_
>> .22username_or_password_are_incorrect.22 indicates the need for using a UID
>> (user id) within the OFX request. It looks like they associate that user
>> UID with the account, probably to limit access. However, the first time
>> they see a UID on an OFX request, they should generate a PIN and send it to
>> your account at their Secure Message Center. You then use that PIN on
>> another page the message links to. I suppose since KMM isn't sending the
>> UID, they don't generate that message.
>>
>> So - I don't see any place in KMM for a user UID. In fact, looking
>> into the libOFX source, I see the UUID type defined, but no element
>> defined as that type which looks like a user id. Can someone confirm
>> this is correct, and if so, does this need to be brought up on the
>> libOFX list before there is anything that KMM can do? (Other forum
>> messages I've seen seem to indicate that aqbanking can handle this, so
>> I'll see if I can get this set up, but I hate to spin my wheels if
>> someone can provide a more definitive answer.
> I took a look into the OFX spec (version 2.1.1) and found chapter 2.5.1.1.1
> "Client Unique ID <CLIENTUID>". In short, this is a uid generated by the
> client (KMyMoney). Here's the paragraph of the spec (© 2006 Intuit Inc.,
> Microsoft Corp., CheckFree Corp. All rights reserved):
>
> ---8<---
> OFX servers can require OFX clients to include a client ID in each signon
> request. This client ID should be unique to the installation of the client
> software, but the method that the ID is generated is left up to the client.
> The server can specify that this field is required using the <CLIENTUIDREQ>
> tag in the applicable <SIGNONINFO> section of the profile. Servers should
> expect that users may connect via OFX from multiple locations and may need to
> associate more than one <CLIENTUID> value with their <USERID>.
> ---8<---
>
> Would be interesting, if you see the CLIENTUIDREQ in the SIGNONINFO message of
> the server. One can (at least could) enable logging for OFX traffic in some
> way. Don't know, if that is still available. Will have to check.
>
>
>
>
> _______________________________________________
> KMyMoney-devel mailing list
> KMyMoney-devel at kde.org
> https://mail.kde.org/mailman/listinfo/kmymoney-devel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kmymoney-devel/attachments/20151210/67df04d4/attachment.html>
More information about the KMyMoney-devel
mailing list