TD Canada Trust EasyWeb Repair

By GossamerGremlin Last update Sep 11, 2007 — Installed 573 times.

Script Summary: Repairs TD Canada Trust EasyWeb website bugs so that those using a cookie manager may access their accounts.



Some time in May or April of 2007, the web application developers for TD Canada Trust's EasyWeb (https://easyweb.tdcanadatrust.com/) revised the site's JavaScript and introduced a critical bug which prevented any further access for those using a cookie manager with their browser. It is actually being generous to call this a bug. What they have done is to make it a requirement that you accept all cookies from all websites on the planet before you are allowed to use EasyWeb. Allowing cookies for just their domains is not sufficient.

A similar bug has actually been in EasyWeb code for a very long time, but it's consequences were nothing more than an annoying popup that could be clicked through and ignored. The error in both cases is one that demonstrates a lack of technical understanding by the developers and confirms that minimal testing is done by the EasyWeb team. The explanation and fixes for both bugs are trivial and were provided to TD Canada Trust on May 10th of 2007, but trying to help them address this very critical customer issue has been a long, very difficult, and fruitless process. In short, TD Canada Trust personnel from the bottom (telephone support) through multiple levels all the way to the top (TD Ombudsman) have no particular interest in addressing this issue. Despite the fact that the fixes are trivial and would reinstate customers' ability to access their personal accounts, they've decided the fixes constitute a "major upgrade" and cannot be achieved before an unknown time in the fall of 2007 or early 2008.

Why do some of us use cookie managers? It is because we realize that accepting arbitrary cookies from arbitrary websites is a threat to our privacy and even our security. So we can reasonably conclude that TD, a major banking institution, employs developers with little or no appreciation of privacy and security issues, as well as management personnel who are neither interested nor concerned that the privacy and security of their customers (and indeed their own institutional systems) are placed in jeopardy by their actions.

The Greasemonkey script I present here repairs the critical one of the two bugs so that users can regain access to their EasyWeb accounts. Unfortunately it does not appear to be possible to suppress the longstanding but merely annoying popup that claims cookies are disabled. However, if you use a cookie manager and have otherwise allowed cookies for all of "tdcanadatrust.com", this script is a workaround until such time as TD Canada Trust sees fit to correct the problem.

For anyone that's tried to get customer support for EasyWeb, you know that if a problem can't be solved immediately during the telephone call, it stands a good chance of never even being looked at without many, many telephone calls and emails. Nonetheless, I strongly encourage you to call and complain about this problem (English: 1-866-222-3456, option 0). For your reference:

Kevin Tokarz (EasyWeb telephone support)
Joseph Pyne (EasyWeb Senior Manager)
Panagiotis Kallias (Senior Product Analyst, TDCT Electronic Channels)
David M. Fisher (TD Ombudsman)