It's incredible to me that you can give your bank information away to a company and they can withdraw whatever they like.
There's a bunch of companies (utilities such as power companies, for example) that allow an individual to set up such direct withdrawals. They also seem to let you do this without any kind of special authorization from the bank -- I've done this many times and I've never been forced through any kind of bank login to authorize them to withdraw money.
In Norway, you have two systems ("avtalegiro" and "autogiro") for direct debit. You have to go through the bank to authorize the setup, and you have to specify a max amount. There's also a system called eFaktura where companies can send digital invoices to your bank account; paying them requires going into your bank's app and approving each one individually.
Anybody in the US can try and pull as much as they can. This is a very old system going back before electricity. Paper checks signed by pen sent by mail (horse back) to banks. They checked that the signature on the check matched the one on file and released the funds. This system worked in that era but now someone gets your bank account number and can use it online to pay for something without a signature and banks don't really verify anything.
Someone I know had checks stolen and the people used the info on the checks to pay their electricity bill. The police were notified and even though they new exactly where these people lived, did nothing. The only thing to do is close the account and open a new one. What a stupid system for the user, but the banks don't care enough to change it.
There's a bunch of companies (utilities such as power companies, for example) that allow an individual to set up such direct withdrawals. They also seem to let you do this without any kind of special authorization from the bank -- I've done this many times and I've never been forced through any kind of bank login to authorize them to withdraw money.
In Norway, you have two systems ("avtalegiro" and "autogiro") for direct debit. You have to go through the bank to authorize the setup, and you have to specify a max amount. There's also a system called eFaktura where companies can send digital invoices to your bank account; paying them requires going into your bank's app and approving each one individually.