George Warfel
George Warfel Jun 22, 2018

Facebook’s foibles and lessons in payments trust

For much of the past decade, banking and payments have confronted the challenge of social media and its ensuing revolution. Some see social media as a place to meet customers. Some continue to work out how to use it most effectively as a transaction platform. And still others explore how best to use social media as an advertising outlet.

Meanwhile, many social media-based payments systems emerged as alternatives to bank-based payments models. In almost all use cases, the payment comes at some point from a bank account or ends up in one. But the bank’s role in assuring a smooth process—accurate, safe, on time and confidential—has been pushed into the background. Sometimes, it sits so far back that payments customers don’t always see the bank’s role and focus only on the payment’s social aspects such as people splitting a lunch tab.

Now the payments industry stands at a crossroads that, if it fails to negotiate it, comes at a perilous price. This centers on the violation of accepted privacy and trust norms, as exposed by the startling revelations about Cambridge Analytica and Facebook.

This gives rise to the question: Will the trust that girds how banks serve a customer’s payments requirements move to front and center? The answer isn’t so much yes or no as this: It must. If the bank-based payments industry lost payments volume to a new-media challenger, that loss could be absorbed. But if the industry loses customer trust, it’s game over.

Social media sells out?

Trust matters. Will a person use a trusted payments system more expensive than the non-bank alternatives? Sure. We’d probably send a wire when speed and security are essential. One that is slow? For a long time, some payers saw slow clearing times as a benefit of using checks. And the payments industry is pouring billions into safe, secure and private faster payments systems. One that is at times clunky? A letter of credit, even with today’s electronics, poses assembly and process challenges. But volume remains strong and banks perform almost all such transactions. Safely adapting blockchain for payments? A consortium of banks leads the largest such effort. And the quickest one off the ground is co-led by a blockchain technology pioneer teamed with respected banks.

I doubt that many bank customers would knowingly use a payments system that secretly scrapes personal information about the payer and payee—and sells it to anyone willing to pay for it. Most of the public trusts banks to not abuse payer/payee personal data in the name of eking out extra profit.

Let’s be clear about the major differences between social media companies and banks. Facebook’s admitted practices with people’s data does not represent some artifact or minor business practice: It drives their business model and the profits that result. Now put those business and profit models in the context of a financial institution’s payment data winding up in some form or another on a dark web auction, up for grabs to the highest bidder. This could include:

  • payers’ and payees’ names and electronic addresses
  • account types and domiciles
  • payment amounts
  • the purchase itself
  • the type or name of company where it was purchased.

Imagine all those details secretly sold to a deep-pocketed buyer, anywhere in the world for any use. Especially on a global scale, this information would include enough data points that when collected across a specific payer’s or payee’s hundreds or thousands of payments, could provide insight well beyond that realm. Imagine your company’s strategies, alliances and proprietary business methods compromised. New technologists like to label it “sharing,” even though the knowledge of what they’re doing certainly isn’t shared openly with users. For them, the damage potential ranges from exposure and maybe embarrassment at the individual level to, at the company level, falling prey to a not-so-distant cousin of corporate espionage.

So far, no major financial institution or payments company has been found selling private customer payment information to the highest bidder without customer approval. But some companies bury the regulatorily required customer “opt out” policy deep in pages of incomprehensible disclosure text. For some, that practice too closely echoes Facebook’s now disgraced approach. Obscure disclaimers may meet regulatory requirements. But they do not build trust.

Banks and payments companies can learn much from social media—including the potential damage if, like a social media company, we were found providing our customers’ payments data to any global purchaser for purposes our payments customers never intended, regardless of whether they had checked all the opt-out boxes.

We must understand the importance of Facebook’s rude awakening. Customer trust is more safely maintained by not selling personal data without clearly granted permission. No matter the profit yielded from a data selloff, far more profit—financial and relational—results for banks that act as a trusted payments partners. Or if you prefer, trust in payments repays itself.


Want more Banking Strategies? Sign up for our free newsletter!

George Warfel has worked in banking and payments for more than thirty years at SRI International, IBM and PwC. He can be reached at gwarfel@haddonhillgroup.com.


If you enjoyed, this article, check out: Some banks fear Amazon—but here’s what Amazon fears.

BAI Banking Strategies

Thank you for visiting BAI Banking Strategies. To view more, please Subscribe or Login.

Dismiss