The American public was introduced to the idea of all-hours banking when in the late 1960s pioneers from across the Atlantic brought the concept of the ATM to US shores. Put forward as a remedy to the issue of after-hours trading, or lack thereof, the automation of certain processes boosted productivity for early adopters and rendered certain posts redundant. For the first time, customers could conduct their financial dealings at any hour of their choosing in places apart from their local branch, and it was from here onwards that banking became accessible even to the farthest reaches of the US.
If ATMs changed banking for the better, then the internet has transformed it for good, bringing with it new and novel new ways of engaging with customers. All encompassing, multi-functional channels have altered the landscape, and developments in the years since mean that almost the entire spectrum of financial services is never more than a few clicks away. Long gone are the days when any person wanting to make a transaction had to abide by branch opening times, and mobile technology is today the latest technological innovation to revolutionise the American banking and payments industry.
Long gone are the days when any person wanting to make a transaction had to abide by branch
opening times
Mobile banking comes good
One study conducted by the Federal Reserve last December showed that in 2014, 91 percent of the adult US population used a mobile phone for mobile banking and payments (see Fig. 1 and 2). The penetration of mobile banking applications, meanwhile, has reached never seen before heights, and, going by Statistica figures, reached upwards of 42 percent in 2014, with 13.5 percent of Americans testament to having ‘often’ used mobile banking apps.
Experts have dubbed each of the last five years the ‘year of the mobile’, and those at the sharp end of financial services have been quick to make good on a mobile money revolution. Whether it be shopping, budgeting or banking, the ubiquity of mobile technology means that each of these activities is within easy reach. Demand for mobile payments is projected to tip $214bn within three years, according to PwC, and although American consumers are often slow to switch accounts, mobile banking is a key point of differentiation in what remains a hyper competitive market.
No matter the specifics, what’s true is that the way Americans make purchasing decisions has changed immeasurably. While much of the focus so far has fallen on mobile growth in developing nations, in a period where convenience is of the essence, American banks can ill afford to let the mobile opportunity pass them by. Research on the subject proves that m-banking has come a long way of late, although the reasons that keep the remaining 57.2 percent of the population from mobile banking – according to Statistica – must now take centre stage in order to realise its potential.
“The threat to banks from disintermediation or being disenfranchised is real as other players experiment with and create new channel distribution opportunities”, said Alastair Lukies, CEO and co-founder of Monetise in a Bank Performance Advisors report titled Perspectives and Research on Mobile Banking. “Previously, the branch, online bank, ATM or call centre were an easily controlled portfolio of supply chains managed by a bank as it connected directly to its consumer. This is no longer the case – at its core, banking is in flux.”
M-banking outside of banking
Sources at Gartner say that the global market for mobile payments will rack up $720bn in transactions by the time 2017 is up, from $235bn in 2013, and the US reigns currently as the choice destination for the sector’s leading names. American start-up Square, alongside the likes of Google, PayPal and Visa, have each devised their own mobile payment solutions, with a view to clawing a sizeable share of the market early on. Yet doing so is not without its challenges, and initial signs show that millions of consumers are still unwilling to use their mobile in place of plastic.
The emergence of Apple Pay late last year proves that those in industries apart from banking are intent on conquering the mobile payments space. Less than a year into its lifespan, the mobile payment system has been talked up time-and-again by Apple execs, and despite problems with regards to adoption, the digital wallet is fast gaining momentum.
All this serves as a timely reminder for banks that their hold over mobile payments is far from watertight, and for as long as they fail to address commonly held concerns or push the envelope, competitors – much like Apple – will pick up the slack. The issue is not that banking has been slow to muscle in on mobile, but rather that competitors have more clearly identified the issues troubling consumers.
Whereas competing services such as TransferWise, Simple and Square are singularly committed to mobile payments, mobile banking is only one part of a much wider spectrum of services. As a result, where the aforementioned have taken pains to put security front and centre, banks have by-and-large failed to address these same concerns with quite the same clarity – yet they should.
“Since significantly more data is easily accessible to a compromised mobile device, social engineering is becoming an increasingly sharp tool for cybercriminals to take control of mobile devices. As a result, financial institutions risk increased fraud in their mobile channel, and mobile users risk identity theft”, said Ken Jacobi, Senior Product Marketing Manager at security firm Webroot.
According to a recent study conducted by cognitive biometrics firm BioCatch, 61 percent of a 600-person sample indicated that hacking was their number one concern when it came to online and mobile banking. Likewise, 66 percent of respondents in a Capital One survey cited security challenges as the number one issue standing in the way of increased adoption, whereas the Federal Reserve showed that 59 percent of Americans shared concerns about security.
Irrespective of which study is most accurate, what’s clear is that the issue of security is standing in the way of adoption, and for as long as those in the banking community refuse to take further steps to arrest these fears, m-banking will stop short of its potential. With 93 percent of the unbanked population with access to a mobile phone, and almost three quarters of those internet-enabled, the profits lost – should banks decide not to act – could well number in the billions of dollars.
One IOActive study shows that of 40 banking apps taken from the world’s leading 60 banks, nine out of 10 had serious security vulnerabilities. The firm’s Senior Security Consultant Ariel Sanchez also found that, of the sample, 70 percent were without alternative authentication solutions and half used iOS’ UIWebView in an insecure manner.
“In general terms, I think the biggest security threats are related with ‘transport security’ of the mobile banking apps”, said Sanchez. “Vulnerabilities like plain text connections [non-SSL links], lack of SSL pinning protection and poor security of authentication processes are the biggest problems, since these allow an attacker to perform different kind of attacks like MiTM [Man in The Middle], phishing and client side injects that could potentially compromise the contents of user sessions including passwords, session identifiers, and any information exchanged between the server and its clients.”
All this means there are real and growing opportunities for technology firms, as banks look to partner with the best names in the business to bring innovations such as fingerprint and voice recognition technology to market. As far back as 2004, Bank of America trialled biometric security systems in select branches, and the introduction of similar such technologies to mobile represents something of logical next step for an industry in the midst of revolutionary change.
How to put it right
Mobile malware, susceptible Wi-Fi connections, third-party apps and unscrupulous user behaviour each threaten to compromise security, yet the scale of the issues are often misunderstood or misstated by consumers. The real problem for banks is not inadequate security in itself, but the perception that m-banking apps are without the requisite defences to keep private information confidential.
True, security is a concern for the banking public, though no more so than usability. Biometric technologies are as much about improving convenience as they are security, and it is for the former reason rather than the latter that many in the banking sector are looking to introduce measures that make mobile banking both safer and more immediately accessible.
“I think that there should be more discussion on usability vs security. And banks should also try to find a good balance between both”, said Sanchez. “The key is understanding that security is a business issue rather than an IT issue, because the risk of launching new mobile apps and services without very good security standards could result in a huge data security breach, which directly impacts the financial sector.”
Jacobi added: “Realistically, there is always going to be a balance between usability of mobile apps and security. Financial institutions have tended not to restrict account holder access, even from infected devices, to benefit from the satisfaction and loyalty that mobile banking fosters.”
The aim for those in the US banking sector, after all, is to bring more users to the fold. Security certainly factors into the equation when it comes to engaging with mobile banking, yet it is usability not safety that brings users to select one mobile app over another. With interpretations on the issue already skewed by a lopsided debate on the subject, the sector’s focus will continue to fall first on convenience and second on keeping confidential information secure.