Product Fails – Online banking Email Alerts

For some time I have been both impressed and baffled by the effectiveness of transaction alerts in the banking sector.

To put things in perspective, I would be looking specifically at email transaction alerts from some of our banks. SMS alerts are good but most times provide just about enough information to tell you that there was a credit or debit transaction on your account.

Overall, and I’m not being biased to favour any one bank, but I think Guaranty Trust bank provides the fastest email services for transaction alerts in Nigeria. This is purely based on my experience and not on a general consensus or extensive research.

On the other hand, considering the speed at which Diamond bank is able to send SMS alerts for transactions, I wondered why their emails were coming in almost 24 hours after the transactions were made. In one occasion the same emails came in multiple times the same day, given the impression of multiple transactions.

In order to better understand what was going on at Diamond bank with their email alert system, I examined the email headers that I received with my transaction alerts.

So here’s what I found out.

  1. The emails are created and dispatched right on time at the exact moment the transaction is recorded in their ERP application.
  2. Next, another server mbankerpro-ho ( processes the emails and hands them over to the next server in line which is
  3. Now this server ( seems to be the bottleneck in the system as it takes a lot of time (over 6 hours) to transfer the emails to the edge server that is responsible for sending out the emails to the world. From the headers this server appears to be running a version of Microsoft SMTP server with id 8.3.348.2.
  4. The emails are finally dispatched by the edge transport server ( which does a good job of dispatching emails in record time to the final recipients – you and I, the account holders.

With this I think there is a need in this bank and probably in some others for an upgrade to their internal email processing system. It appears that the queue is somehow being processed very slowly or probably being processed in an ad-hoc method.

Also, it is important to note that the edge server does not have a valid SPF record which makes it a candidate for spoofing and fraudulent emails. I wouldn’t go heavy on the absence of DKIM records for signing these emails but this one is also good to have.


50 Free Courses in the Technology Section of Udemy

Here’s a nice list of free IT courses on
You can check out my short list of sites providing reliable online education here


Below are a list of 50 free courses in the technology section of Udemy. I had to comb through 87 pages to find this. I teach the little I have learned in my 10 years of programming on my training blog Truston Teaches Tech.


View original post

Beware of ISPs Data Cache – The Evils of Session Collision and Data Mix-up

If you’ve ever spent 2 or more hours trying to figure out why a perfectly working system suddenly begins to misbehave for only a select few people then you will easily relate to the rest of this post which I’m about to share with you.

After receiving two calls following an email with the same issue which I had never heard of or experienced, I decided this was it – This Means WAR (me on the one side and the problematic system on the other).

Eye Looking Over Person On Computer

Looking through the carefully stacked mini optimized web server running Apache, with MPM-Worker, having a protective DNS layer caching system with DDos protection, I knew this would be another onion peeling exercise – hopefully there would be no tears in this case.

An application I  had built and maintained for a client using the popular CakePHP framework and the technologies listed earlier had suddenly started sharing customers’ personal details between selected users at its own leisure.
Two customers had called and emailed my client claiming they “no longer felt safe” with this platform. In order to stall the crisis and provide more resources for the investigation (debugging), I asked my client to request for a screen shot from the affected users.

I was having other clients projects concurrently running and time was ticking on all of them. What do you do when you have problems attacking you from multiple directions?

To cut to the chase, I had no option left but to put out the fire in the house before trying to build up other storeys.
I stopped work on the other projects and then started with the first layer of the problem – localhost.
After conducting several tests on the app on localhost I knew there was no problem locally, and this had to be a remote live occurrence.

So quickly I switched to the first level of caching before the customers – the DNS cache. After turning this off I felt relieved and said to myself, now this problem should be gone. So I sat back and relaxed, only to receive another call moments later with the same complaint.

So this did not work and I was back to the problem again. Personally, I had not experienced the problem and it seemed strange and unfounded to me that this could really be happening.

The next attempt to resolve this could not have been at a better time. My high speed internet service provider was out of reach and I had to fall back to the GSM “broadband” modem. Right on the spot the phone rang and my client was explaining to me that they were on a live chat session with a customer who was experiencing the problem as we spoke.

Quickly, I sprung to action.

1. Check all the server logs

2. Check the database server for running queries.

3. Find out if there’s any system performance degradation or failure.

All of these led me to nowhere, just a few slow queries without any relationship to the main problem. Then I refreshed a page on the app which a user had earlier sent in with the mixed up data. And voila! I’m seeing another user’s information.

This was really creepy… It true, it appears my application is going bonkers.

Not the kind who easily gives in to defeat, I decided to do something out of the blues. I checked my IP address (41.190.2….), then checked the IP address of the users who had been complaining. The result was an astounding message to me which would fuel be my will to write this post detailing my experience. We were all using the same ISP at that moment within the same internet number range –

Suddenly my AHA moment had come. I almost would have screamed to myself – damn you EMTS!!! So this is your idea of incredibly fast internet speed with easy blaze! Caching page results for websites which clearly specify no-cache in their headers, then serving the most recent of those pages to every and any user on your network that requests for them. This is evil as I could end up looking at the private pages of a Facebook profile of someone on the street assuming we both access Facebook without HTTPS.

Surely, EMTS was saving bandwidth using this method, but they were also corrupting and mixing up people’s data along the way.

Hopefully they would resolve this soon. But rather than wait for a solution from them (if ever they realize that it’s a problem) and cause my clients more heartaches, I will have to quickly implement a random generator plugin to add random strings at the beginning of each users request.

If my hypothesis is right, this should prevent their caching server from caching every result as the same, while serving only unique requested pages to the correct user from whom the requests originated.

Get Disqus To Load in Firefox and Other Browsers

I am someone who loves simplicity in getting things done, and one of those things happen to be commenting on sites.
Having subscribed to the Disqus commenting system a while back, I decided to test their new features when they rolled out. It turned out that the new generation Disqus wouldn’t load on my Firefox browser.

So I looked up online for a solution and all I could see kept pointing me in the direction of plugins and all other non-effective solutions.

Finally I saw a post on the Firefox support forum that discussed this issue. Quickly my thoughts swung towards the plugins I had installed.

Being a web developer I have always used Firebug and Web Developer plugins for manipulating the DOM and other necessary functions. However, this time I remembered one setting that was not necessary. I had Disabled Referrers.

This was the culprit! Once I unchecked this option under the “Disable” drop-down link in Web Developer, Disqus was back in business!

Here’s a small screen shot  of what it looks like.

Uncheck Disable referrers if disqus is not loading

What the Heck Can We do With Our GIS?

Reading this article on the Mindsumo blog I remembered not too long ago we had engineers in Lagos aggregating GIS information for the state.

So I wonder today, where is this information and how can we (residents) leverage it or build innovative solutions that would solve some of the city’s pressing challenges?


Following below is an excerpt of the post:

According to the worlds greatest source of knowledge, the legendary Wikipedia, a Geographic Information System (GIS) is a system designed to capture, store, manipulate, analyze, manage, and present all types of geographical data. Put a little more simply, a GIS is the merging of cartography, statistical analysis, and database technology. Put even more simply, it tells you the stuff that’s in an area, bro.

A GIS contains a record of the geographical information in an area, details on what occurs there, and can predict what the consequences of changing the geography would be. For example, engineers use a GIS before deciding to build a new road to determine if it will even have a positive impact on traffic flow in an area. One could also be used to find a suitable location for a construction project by searching for an area with 5,000 square meters of free space, soil types appropriate for the scale of the building, and within 500 meters of a road. A wide variety of information about traffic habits, elevation levels, population density and socio-economic factors can be recorded and put to use in a GIS.

The question we want answered at MindSumo is: What would you do with one? How would you build a more prosperous and industrious city using all the different types of geographical information available? Build windmills to provide power in large flat areas? Gather the largest construction projects in the areas least prone to an earthquake? Place housing at the top of hills to avoid flooding? There are infinite ways to use the vast amounts of data we are now able to gather about the areas we live in, so how will you work them to your advantage?

via The Mindsumo Blog

Personalized Self Uploaded MTN Caller Tunez – Setting it up

How to subscribe to MTN Caller tune service

Here is how you can easily set up the caller tune on your MTN powered mobile phone:

– Dial the caller tune zone on 4100 and listen

– Press 1 to download a new caller tune

– Enter the caller tune code for the song you want

– End it with a hash(#)

– Follow the voice prompt to complete your subscription

Your new caller tune will now be set up and in a few seconds, you will receive a text message:

“Your callertunez was processes successfully”

How to set up a DIY(Do it yourself)/Personalized/Customized MTN Caller Tune

So you might already have or have not subscribed to the callertunez service. Now what about if you just want to create a tune by yourself and upload it to MTN server? Well MTN Nigeria allows you to do this in the set up referred to as DIY caller tunez service.

To set up DIY service, here’s what to do:

– Dial the same Caller tune zone on 4100

– Press 4 to DIY your favourite song or tune

– Then press 1 to begin

– After the beep, record your tune to the phone e.g voice or song from your background (Limited time allowed)

– Press # when finished

– Listen to the tune when replayed

– Press 1 to submit it

– You would hear a voice feedback telling you that you have succeeded. You will receive a text message shortly.


It appears dialing the MTN Callertunez zone 4100 is not free as you will be billed for the time you spent on the call.

Also, the service costs N50.00 per month and for every caller tune set up for your phone.

You can browse some preloaded caller tunes on the MTN website at:

via EconomicPot


Developers Parapo October At Co-creation Hub Lagos

In this month’s event, we get to talk directly with the guys at the top financial switching providers in Nigeria.

After so much rambling and questions Mr. Femi Ogungbamila talked to us about a number of new and planned products in the pipeline.

Basically, Interswitch promised to provide a self-service sandbox for new merchants to test their applications.

Also if you have information you wish to share with Interswitch urgently you can send an email to to get rapid responses from Interswitch.