Online donation batches - Log in approvals

[cchang]

Currently it takes two users to approve the tithing donations online. Is there currently an enhancement feature to have the secondary approver log in their credentials while logged into the first approver's account that is entering the donations already? Similar to approving an expense where there are two rows for both approvers submission on the same screen. Basically it's annoying have to log out and the secondary log in and approve in their account and then the other users has to go back in their account and log out.

[eblood66]

I have no inside information but I doubt that will happen. In fact, I expect the check approval will eventually be changed. i see two reasons why it's done the way it is for donations, both of them security related.

First, by using the standard login it automatically supports two factor authentication for those users who have configured it. Supporting 2FA in another place in the code would add considerable time and effort.

Second, best practices for authentication now-a-days is to use a single login interface and a single implementation of the authentication code. It can be very tricky to correctly and securely handle the login process without opening holes for attackers. By only writing that code once you can expend the effort to ensure it's done right. Every time you add a new implementation you risk opening additional security holes. In addition, based on how the church's login page loads I expect they are using a 3rd party authentication provider (specifically Okta). This turns that responsibility over to an expert and again reduces the likelihood of flaws in the process. They would loose much of that benefit if they add additional non-standard logins.

I'll also note that the audit system (LUFAS) used to have the bishop just enter his password at the end of the audit to acknowledge it. But it's been changed so that he has to now log in separately and do the acknowledgement.

Unfortunately, this is another case where security causes a less user-friendly experience. But given the sensitive personal and financial information connected to a church account, I think they do need to be very security minded.

[jpjones~ogr]

I wonder if the second approver could essentially be waiting in the wings, with a private browser tab or window, a second browser (Chrome versus Edge, or Firefox) simultaneously running, or logged-in on their hand-held device. Private browsing tabs / windows can be useful for troubleshooting some web related issues, as well as preventing browsers from remembering personal log-in data.

Hopefully second person approval doesn't have to be via the unit PC and same browser.

[eblood66]

For donations I believe that the second approval does have to be on the same device (at least that's what it said in the email from the church when online donation processing was enabled for our stake). I'm not sure exactly how they try to check for that so I don't know whether a second browser or private mode would work.

[jpjones~ogr]

Verifying device might be by IP address for the PC, or something like it.

We've been delaying using LCR for recording donations because the early version of the process was essentially broken. I think we'll test second approval variations to see what limits there are.

[Biggles]

Paraphrasing here, but don’t both the approvers have to be the ones who processed the donations together, as per the standard donation process? This is no different to using MLS for batch approval.

Meaning that the approval process can’t be done remotely!

[jpjones~ogr]

Sorry. What I'm thinking is having a clerk at the unit PC and a bishopric member next to the clerk but on his personal device, or having two web browsers open on the unit PC (one with the clerk logged in, the other with the bishopric member logged in). If either of these approaches works it could save a little effort and time, especially considering the relatively slow and sometimes glitchy unit computers we tend to have, as well as the usually heavy Sunday Church website traffic. Batch processing via MLS developed to working quite well. Our initial foray into LCR processing kinda hurt. This'll date me a bit, but I remember calling in donations totals.

The financial buddy system is non-negotiable, but folks tend to want to get back to their families as soon as possible. Then, if I can somewhat mitigate the impact of new rules I tend to get better compliance, or at least less grousing about them.

[lajackson]

Sorry. What I'm thinking is having a clerk at the unit PC and a bishopric member next to the clerk but on his personal device, or having two web browsers open on the unit PC (one with the clerk logged in, the other with the bishopric member logged in).

I would just try it and see if it works. Someone here at the forum may have tried it and will pipe in. Best case, it will work. Worst case, the counselor will not be able to access the batch until the clerk signs out. Or his sign on will force a sign out of the clerk. Even if that happens, the approval is done, then the clerk signs back in to finish up.