Community

This is an excellent research paper around why, warts and all, passwords are here to stay and, despite their huge promise on paper, many alternatives haven't managed to move the needle on adoption.   

https://www.finextra.com/fullfeature.asp?id=1705

@GaryW:

Please correct me if I'm wrong: In short selling, success in delivering itself incurs potential risks of stock price going up (instead of down, as the short seller expected), whereas failure to deliver attracts penalties from the stock exchange. 

@StephenS:

We might be living in a political democracy but, when it comes to the business world, capitalism rules! To me, Main Street and Wall Street are too tightly intertwined for any clear master-servant relationship to emerge. For every SELL transaction, there is a BUY transaction, as long as the financial market supports the volume, I don't see any need to artificially keep it suppressed by real world volumes. There were homebuyers underlying subprime mortgage security. Some banks got bailed out using taxpayer funds, as were Main Street companies like GM, but many of both were also shuttered down. 

Exploiting data explosion, social media and new channels / devices will call for heavy IT investments. Given that financial services IT is driven largely by operations in most FIs, it is not surprising that CMOs find themselves incapable of turning these 21st century blips in their radar to competitive advantage and additional sources of revenues. A recent Gartner report predicts that CMOs will have a bigger IT budget than CIOs in the next 3-4 years. If and when that happens, marketing departments will be able to acquire the next level of capability. 

In all this discussion about definition of 2FA, what constitutes a puristic implementation of 2FA versus what does not, etc., it's equally important to assess what are the appropriate use cases for 2FA in the first place. Does a retail banking customer really  have to go through 2FA to know their account balance? Should a biller use 2FA to authenticate that the payor is indeed the subscriber? I could go  on with such rhetorical questions but the primary point of a transaction is that it should go through without causing undue friction for the customer, and I think this point often gets missed by overzealous security mechanisms. Some seven years after FFIEC mandated 2FA for online retail banking in the USA, the level of compliance may be low, but I have never come across any solid evidence that non 2FA users have suffered greater theft as a percentage of their transaction volumes as compared to 2FA users. 

The man on the street will always make comparisons closer to their everyday experiences. Continuing with the comparison with used car sales, it is legal for a used car dealer to strike a deal without owning the car as long as s/he commits delivery on a future date (by which time the seller is sure of sourcing it). It only becomes a crime when the seller is unable to deliver on the committed deadline. The same thing applies for short selling of stocks. 

@Alex B:

Yet another excellent post! I'm sure that your approach, combined with a few BEFORE-AFTER videos of "Cutting the cost of customer administration?" and other strong use cases, will work much better at getting banks to adopt social media than most of the other impractical guidance going around these day. 

An old example used by the famous management guru Tom Peters comes to mind: You could build lifejackets from concrete. As long as you say this upfront and do exactly as you say, you can achieve 100% compliance ( under ISO9000 quality norms). On the other hand, you might not be around to realize the high risk inherent in your action! 

@AlexB:

Great post! I've written several times myself about the high degree of friction involved with many Internet Banking portals and readily empathize with your views.

I'd even go one step further and say that "info and transactions should be placed at the venue where customers are likely to find them most naturally". Barring fund transfer and a few other transactions, Internet Banking is not this venue.

You've already mentioned account balance. Let me mention another use case that I've sought for many times but never found: Suppose I wish to remit some money from UK to India. Obviously, high GBP:INR exchange rate would be an important criteria for me to decide when, and with which bank, I should put through this transaction. Today, I've to suffer the friction of visiting one or more banks' Internet Banking portal(s) and, with some banks, be forced to log on, to source the latest exchange rate several times over a period of a few days. Tomorrow, if only a certain bank provided this info via RSS feed on my desktop, like news feeds, I'd be sure to give my remittance business to it.

A bank's exchange rate is not proprietary info. I don't see why it should be placed on its website, either inside the walled garden or outside it. Still, I've never come across any bank offering this feature.

Without denying the importance of accountability, I'm also mindful of the clamor around measurement of marketing ignoring certain ground realities viz. (a) High cost and expertise for measurement tools make it impractical for all but the top spending marketers to adopt them (b) Metrics that can be measured often lack resonance with functions outside marketing. For example, marketing will claim high effectiveness of a certain online ad because it generated heavy incremental website traffic or Facebook Likes or whatever, but sales would only be impressed with qualified leads and revenues, finance with profits, and CEO with EPS - none of which can be measured by using even the most state-of-the-art marketing measurement tools and techniques.

In all this clamor, one thing is undeniable: When marketing works, it generates returns far in excess of what it costs. Which is perhaps why marketing continues to flourish more than a century after prominent people have raised questions about which part of marketing works and which part doesn't.

For greater adoption of measurement in marketing, I think the trick is to get the level of granularity of metrics right.

@MichaelK: 

Thank you for your comment. Unfortunately, I haven't come across a single biller offering the facility to change e-bill or -statement password to one of my choosing! I'm not even sure if it's technically possible to change passwords for 'asynch' items like these. Please let me know if you're familiar with any. Thanks in advance.