I think most of the applications (like the ING example) have the recipient supply that information to the sender's bank, not to the sender himself.
Not totally sure it works that way in Europe, but I think so.
In Europe it works like this: If you want to receive money, you give the sender your bank account number. The sender can then transfer money to you using his bank's website or mobile phone application. There is no risk involved, because knowing somebody's bank account number only enables you to send them money -- but not to withdraw money. Transactions are usually free, but take one to three work days to complete.
That doesn't address the error-prone nature. I don't know off the top of my head my account number or routing info. Looking it up is a pain and typing it in can be done incorrectly. This isn't something I want to do regularly.
I'm also not clear how the recipient supplies their info to the sender's bank. If I don't have an ING account, how can they verify that I'm me, and not someone else who's pretending to be me in order to intercept the transfer? As I recall, when I've done wire transfers, I've always been given the account info of the recipient for me to provide to my bank (but I haven't done this very frequently).
Edit: I just saw your other reply where you describe the ING app. I guess that works, but it's rather unfriendly. I'm always a little wary of high-security stuff (such as money transfers) that depend on email, too, but that's also an issue for Dwolla and probably a lot of the other payment startups.
> I don't know off the top of my head my account number or routing info. Looking it up is a pain and typing it in can be done incorrectly. This isn't something I want to do regularly.
But how is that any different from a credit card number? I have all my bank info in my pocket, right on my Maestro card. No expiration date, no CVV code. Just an account number and a publicly-known bank number. If I'm authorizing a direct debit, that's all I have to enter.
As davidhansen said, a typo on a credit card number is likely to be an invalid number. In addition to that, I almost never give anyone my credit card number directly. I swipe the card so there's basically no chance that I'll get the number wrong. And the security is addressed by the credit card company, who guarantees that fraudulent or incorrect charges will be credited or reversed. There's no such guarantee with a direct debit, and that makes it a much larger security risk. (This is one of the reasons that Visa charges 2%, of course. You're paying for insurance.)
My guess would be the size of the collision space. Bank account numbers tend to be shorter, and depending on date of opening and institution, may have been sequentially assigned. It would be much more difficult to accidentally enter someone else's credit card number than someone else's bank account number. In addition, if you accidentally sent $5k to 61-019341 instead of 61-018341, chances are the recipient would be less than willing to be a good citizen and admit it was an erroneous deposit.
UK bank account numbers is a 6 digit sort code + 8 digits account number. The account number is unique for the bank, and assigned however the bank wants. It might very well have been sequentially assigned for some institutions.
The 6 digit sort code is unique for the bank branch across all UK banks, generally the branch on record for the account (most UK banks use the sort-code for the branch the account was opened at). Unless you happen to mistakenly enter an account number and sort-code that matches, and you manage to mistakenly enter the name of the account holder for that bank account, they'll usually catch it.
The situation is similar across Europe, so if this is a problem in the US, it's a problem of the banks own making, and one easily solved the same way it was in the UK: By adding a sort-code, and matching on the name as well.
In practice, you can't type an IBAN incorrectly. The checksum is good enough that I force myself to never check an IBAN I've typed - because I trust the maths.
