There’s still plenty of steps that your bank app can (and will) take to verify this is as intended. Requiring the user to “parse” the URI is not scalable anyway, the app needs to present the information clearly (i.e. “Do you really want to transfer 123.45€ to IBAN abcd, you have not transferred money to this IBAN before, the IBAN indicates a bank in <country>” where the money amount is clearly highlighted).
I agree, still having to input the money manually is the best failsafe, how many people are used to just automatically hitting whatever button to make a message go away for example (even more with the cookies), best failsafe is inputting the money manually, you’d never mistakenly/automatically do that.
There’s still plenty of steps that your bank app can (and will) take to verify this is as intended. Requiring the user to “parse” the URI is not scalable anyway, the app needs to present the information clearly (i.e. “Do you really want to transfer 123.45€ to IBAN abcd, you have not transferred money to this IBAN before, the IBAN indicates a bank in <country>” where the money amount is clearly highlighted).
I agree, still having to input the money manually is the best failsafe, how many people are used to just automatically hitting whatever button to make a message go away for example (even more with the cookies), best failsafe is inputting the money manually, you’d never mistakenly/automatically do that.