Can someone list with references / evidences if possible, why we don't see much AJAX in secure web applications like internet banking?
For instance - Internet banking has a list of tabs for Accounts, Payments, Tools, Reports. Normally you'd see these implemented as links to different pages. Why couldn't you just have one page and use AJAX to load the content of the different tabs? (eg. a JSF RichFaces tab control)
I'm assuming that bookmarking and handling the back button (or disabling it as is common for internet banking) for the different URLS will be handled in either scenario. So I'd like to hear other things, like how it could affect security, performance etc?
My team is about to start building a web based payment management system (think setting up payments, managing client account balances, reconciliation etc.). Its not going to be making the actual payments, but it will at some point integrate with a leading bank's internet banking system.
We're divided over using one page and using AJAX for everything else
or
using AJAX only where its really helping user experience.
I have a counterexample for you. I'd say mint.com fits into the same category as internet banking sites, and they make heavy use of Ajax. I'd also hazard a guess that their security is better than most banks, but I have no proof of that. The banks just "feel" like they're cobbled together by Highly Paid Consultants, rather than developers who know what they're doing. Mint is a fairly recent startup, and their site design still shows the control the developers have/had.
Ajax can improve usability but adds complexity.
Banks need security.
Complexity is the enemy of security.
Therefore Ajax is the enemy of Banks ;)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With