The hype about mobile banking is legitimate as the technology continues to exceed adoption expectations, add exciting new features and appeal especially to youthful customers that banks once feared they would lose.
But its impediments are also real. Chief among them are four: security, customer experience, customer segmentation and application development. Is your bank rapidly solving these four challenges? It is an important question because mobile is one of those services with extreme first-mover advantage. Banks that miss the moment risk losing high-potential, high-profit customers.
Security. Since the cradle days of mobile banking, everybody knew security would be a challenge – not just making mobile secure but getting customers to trust it. According to Federal Reserve data, even among users, 50% are concerned about security and 60% of non-users of mobile banking cite security risk. That customers would initially suspect potential risks in such convenient, ubiquitous devices as smart phones and tablets is natural.
In response, banks diligently build multiple, conspicuous protective layers (VPNs, LANs, dual authentication, etc.) around known repositories of valuation information that criminals try to penetrate. As they detect financial information in motion, fraudsters track it back to its endpoint – mobile device, corporate computer, bank server and so on – and then attack that endpoint, hacking through all the layers and applications. Like heads of state who travel in ostentatious vehicles that they must bullet- and bomb-proof at great expense, banks make themselves targets unnecessarily.
Instead, some banks are opting for an entirely different approach that prevents them from becoming targets in the first place. As one banker put it, “Once hackers can ‘see’ my server, they can sit there anonymously on the other side of the world hacking away for months until they penetrate it, and I never know it. I can’t harden my fortress enough to stop them forever. But what I can do is disappear from their radar.”
In other words, banks are opting for solutions that first consolidate all information about the bank’s endpoints, allowing them to make the endpoints invisible to everyone not already explicitly designated as properly credentialed. Then the solutions create and distribute keys – virtual versions of safe deposit box keys, if you will – that must totally match before any information can reach those newly cloaked endpoints. If there’s not a perfect match, there is no response; the criminal might as well be pinging away at thin air. When there is no target, criminals go elsewhere.
Banks that use such measures will experience fewer target attacks – essentially focus less on security but be more secure.
Customer Experience. Mobile banking is plagued by the same shortcoming that afflicts almost every advance in banking – it’s siloed and not integrated with what has gone before. But when customers adopt a new offering or channel, they rarely do so “instead of;” rather, it’s “in addition to.” Customers want it all, on their own terms, and increasingly their own terms are established by the world’s most innovative online providers, such as Google and Facebook, where interoperability and integration are practically taken for granted.
Even if your mobile customers manage 90% of their banking business on their mobile devices, they will still expect to find all their transactions updated in real time when they show up in the branch for a major transaction, pull up to the ATM minutes after making a mobile deposit or call the call center with a question. Failure to provide a consistent experience will diminish customer satisfaction and confidence and ultimately erode loyalty.
Customer Segmentation. Thanks to investments in customer relationship management (CRM), big data and analytics, segmentation is a growing core competency in banking, but mobility raises a fresh set of segmentation challenges. The first involves the three uber-segments of mobile users: consumers, businesses and employees. Most banks have tended to focus on their consumer customers first, building apps for individual customers to bank online in the hopes of locking in the early adopter demographics.
Business customers bring a different set of needs and challenges, partly because of the size of their transactions, but also because they expect mobile devices to change the way they do business, not just how they transact with the bank, but how they embed financial services in their own workflow.
The third segment, bank employees, has its own set of mobile needs, especially those who work outside headquarters and wish to regularly access bank information and processes from multiple devices. In our recent discussions with U.S. bankers, we have discovered a surprising level of bank neglect of this segment – not in terms of security policies but in terms of mobile applications to facilitate the work of these mobile employees. Nothing fosters risky behavior like neglect, if these employees react by becoming complacent about accessing and storing sensitive information on unprotected devices that make their work easier.
Within those large segments are many sub-segments to be dealt with separately, especially in matters of security. Consider the 60% of non-users who cite security concerns; while multi-factor authentication might be considered a nuisance by heavy corporate users, nervous consumers would be comforted by additional layers. There’s a bonus for banks that get it just right. The more secure customers feel, the more they will engage and the more information they will share, making the bank’s relationship management job that much easier.
Application Development. When it comes to mobile app development, it often looks like the banking industry’s core competency of balancing risk and reward tilts too far to the risk side. When a mobile app takes months from requirements to release, first mover advantage might as well not exist. These are not core systems, after all; they are single-purpose apps often intended to perform a single function that will bind customers closer or make work easier.
Agile development can deliver great apps in weeks. Your competition in this arena is not the bank across the street but the hungry and fiercely competitive developer half a world away who turns out sophisticated apps in weeks or even days. And rapid development does not need to entail greater risk. It can even mean less risk when more testing can take place at more frequent intervals. It can prevent over-engineering and most of all make sure customers’ needs are met before they look elsewhere.
Mr. McGrath is global director of Mobility Solutions and Mr. Olson is vice president, Global Financial Services, for Blue Bell, Penn.-based Unisys Corp. They can be reached at firstname.lastname@example.org and email@example.com.