Digital banking: security and customer experience challenges
In every business, there is a constant pressure to maintain a competitive level of customer experience, security and price. That pressure changes as markets and technologies mature or advance. Banks, for example, are currently under a lot of pressure from their younger audience to offer more digital services. Coupled with a lack of demand for physical branches, the pressure has led to a dramatic increase in the amount of branch closures over the last 15 years — we’ve lost more than 50% since 1990, according to the Campaign for Community Banking Services. The recent announcement from RBS included the news that, in addition to closing 32 branches, the opening hours of many more could be reduced. It’s not alone; Lloyds and Barclays have posted their own branch closure warnings recently.
It very much looks like these brands are failing to offer the experience or the interactions their customers are looking for, especially when you compare their legacy systems to the raft of challenger banks that are growing in confidence with every announcement of further closures. With each press release, the Atoms, Moneses and Loots of the world gain further validation that they are in the right space.
If you look at other aspects of modern life — how we book taxis, how we eat, how we shop — you’ll soon notice that they are characterised by words like ‘rapid’, ‘online’ and ‘on demand’. It is these kinds of experiences that banks are competing with. Technology companies continue to disrupt just about every major industry, causing people to wonder ‘Why do I need to go into a branch to open an account?’ and ‘Why can’t I pay for things with my phone or spend £1,000 abroad without missing a beat?’
(It won’t be long before we stop calling them ‘technology companies’, as all companies become entwined with tech.)
It’s easy to go stale when you haven’t faced a challenge in a long time. Large banking incumbents have been happy to prioritise security and price over giving customers what they want for so long that they simply weren’t ready for the digital marketplace to evolve as quickly as it has. They also weren’t ready for the effect it would have on customer expectations and they certainly weren’t expecting the tenacity of the newer digital focused brands.
Like any successful business, they’ll adapt. It won’t be easy — they’ve sunk so much resource into physical branches and in person processes that extracting themselves will be painful. Additionally, digital processes are still vulnerable to fraud, so they’ll need to nail their security measures. Banks are always a target for criminals, and while it’s not clear whether online banks are inherently less secure than traditional banks, most would agree that online database systems are not yet perfectly protected.
Security risks in online banking services
I don’t envy the architects behind digital banking services — there are multiple vulnerable points that need to be accounted for. Take account creation, for example. They are a major fraud risk which banks currently mitigate by enforcing in-branch interactions. They need to make sure the individual is real, that they own an authentic identity document and, of course, that the document matches the individual. Getting rid of in-branch interactions would mean creating new identification techniques in order to decrease the risk of fraud during account on boarding.
Aside from identification and authorisation issues at the point of account creation, banks will also have to account for authorisation needs at the point of payment or withdrawal. How will I prove who I am, and how will I stop someone else from pretending to be me? Current digital procedures rely heavily on passwords and usernames created by customers. This creates opportunities for hackers that don’t necessarily come about as a direct result of oversight on the part of the bank — for example, if an e-commerce website is hacked and you happen to be using the same login details as your banking website, that hacker can now access your account.
It’s fascinating to watch different companies attempt to solve identity questions that have been challenging societies for centuries. I really do think that, thanks to technology, we are on the verge of cracking a few of them!
Brands looking to win the digital banking race will be asking themselves how they can keep their customers secure in a way that doesn’t negatively impact user experience. For many, the answer (or at least part of it) lies in biometrics.
With the proliferation of smartphones, and the increase in their capability, it has become pretty clear to me that banks need to embrace both biometric technology and machine learning algorithms. Whether that’s through in-house developed software or through third parties remains to be seen. If they employ biometrics, they’ll eventually be able to offer layered authentication in a customer friendly fashion. Different biometrics can be used to facilitate different interactions, allowing the scope of banking app functionality to increase.
Current banking apps are quite limited in terms of what you can achieve with them. You can log in and check account balances, but you usually can’t change your address, order a new card, or even pay new people. Using biometrics, banking customers would be able to verify large transactions by taking a selfie or change their address by speaking into the mic — a fantastic customer experience. We are seeing movement in this direction not only from new fintech challengers but also from established tech giants, like Amazon. It is only a matter of time before this technology is fully embraced by legacy banking brands. Of course, any bank that achieves this would need to account for the increased risks that are created as a result.
A note of caution: apart from preventing system breaches and providing a great experience, educating customers about the increased risk of scams will be vital. In 2015, banking scams pushed up UK financial fraud by more than 25%, according to Financial Fraud Action UK. This type of fraud typically sees fraudsters posing as bank staff in order to trick people into sending them money through online banking.
As a customer, I’ll be looking out for what my bank can do not just in terms of shifting its services to a digital environment, but what it will do to differentiate itself from challenger banks who have already achieved this.