Community

To prevent €1.3 billion in online fraud, EU is putting €150 billion revenues at risk. I can't believe this madness.

As I've pointed out countless times in the past 4-5years, 2FA has been a major conversion killer in India. At last, I'm glad that mine is not the only voice in the wilderness on this issue. If India's response is any indication, we can expect to see a lot of fintech activity in the EU around legitimate sidestepping of SCA.

Why Do People Obsess Over Security And Then Make Payments Without A Password?

Winners Don't Let Security Screw Up User Experience

After a decade of burning through VC cash and promising to disrupt banks, online P2P finally figures out why banks came into existence hundreds of years ago. How shocking...

I'm not a Brit, nor do I live in UK now, but this survey echoes my thoughts on Open Banking (no compelling need) and behavior on passwords.

Yes, passwords on mobile devices are a big pain. No, biometric alternatives are not a solution. I've tried fingerprint on my smartphone and disabled it. I'm never sure when it will work and when it will not. Unlike password - it works almost always if I've entered the correct password and fails almost always if I've entered the wrong password. Non-deterministic methods like biometrics deliver uncertain results and I don't find them too comfortable for crucial things like accessing a financial app. Besides, they're quite sensitive to hardware quality, environment, etc.

That said, copying the same logon screen from desktop web to mobile app is not the solution either. Entering userid, password etc on mobile virtual keyboard is a major pain. I immediately delete any mobile app which does that. Most recent example is my stock trading app ICICIdirect. I've been using its desktop web version for nearly 20 years but I just couldn't stand the friction of navigating the same logon screen on the mobile app. I deleted it within a couple of days.

Personally, I think a 4 or 6 digit PIN for logon on mobile app strikes the right balance between security and UX (even though it does introduce another item to remember) e.g. HDFC Bank PayZapp. For a vast majority of people, though, the tradeoff seems to lie in no form of gating whatever. They never logout of mobile app so that they can order food, taxi and make payments without password, fingerprint or any other form of authentication, as I highlighted in Why Do People Obsess Over Security And Then Make Payments Without A Password?

When I was booking flight tickets on Expedia.de nearly 20 years ago, I raved about the context-sensitive offer of "Baggage Loss Insurance" for a few extra Euros. Until someone told me airlines are required by law to compensate loss of baggage. More recently, I gushed about another insurance product on AXA Fizzy - The New Kid On The Blockchain. Until @JamesPiggot pointed out that "in the EU there is statutory compensation for late or cancelled flights ". Most recently, I thought a digital insurance company was doing a great job by offering compensating for loss of baggage on Indian trains. A coworker just rained on the parade by explaining that Indian Railways is liable for compensation of lost baggage. 

In each case above, passengers don't seek the basic compensation bundled with their ticket prices. This could be because of (1) lack of knowledge of the free-of-cost cover (2) heavy friction associated with the claim process.

In all cases, passengers buy the third-party InsurTech product because of their (1) high visibility (2) contextual offers (3) 100% digital fulfillment (4) low friction.

Going by the above, I'd agree with this report that insurtech does not offer much value from the core product p.o.v. But I'd argue that insurtech does offer a lot of value from the customer experience p.o.v. 

Only time will tell how many people will pay for products of that nature - low product value, high CX value. And whether that number will deliver the scale required for insurtech to become a sustainable business in the timeframes expected by their VC paymasters.

"Sharing Economy" or "Uber for X" or whatever you call it, these are platform / marketplace businesses predicated by VCs who fund them to be "Winner Takes All". Which means that very few of them will be left standing. Which implies that users can get upset with blips - small or big - all they want but they won't have anywhere else to scurry to. Marketplaces tend to spend more resources on perfecting their algorithms rather than adding human touch. This approach seems to be working just fine for, say, Amazon. Like I keep saying, Amazon provides such a great CX that nothing goes wrong most of the times. But, when it does, customers don't have any email or telephone or chat support to seek redressal from and realize Amazon's customer service sucks. 

In Fintech Shouldn’t Stop Chanting The Disruption Mantra, I highlighted why it's naive to expect fintechs like challenger banks to improve CX. Ditto for solutions because it takes two to tango.

Challenger Bank can do nothing by itself if Sender Bank and / or Scheme truncates the Bene Name (per my experience in UK) or strips it out altogether (as it happens with IMPS in India) because of limitations in bank system's field length or scheme's ISO8587 messaging standard. 

Collaboration is mandatory. 

It is impressive how I can copy-paste a few lines of code into my website and start accepting digital payments in a few minutes. However, it's depressing how the PSP (e.g. PayPal) puts a hold on my account after it has received money and when I want to withdraw it to my bank account and then asks me all the questions that banks ask before approving my merchant account. IME, when it comes to business payments, you face friction either before onboarding or after onboarding - a truly frictionless payments system is yet to be invented. And that includes blockchain payment systems. 

There's no compelling reason for the recipient bank to stop payments going to the wrong account. In fact, the way things are, there's nothing like "wrong account". Sender Banks make it clear that beneficiary name is not considered anywhere. So payment will go to stated account as long as the stated account exists in the recipient bank's CIF. That's why we're where we are and a CoP service is required in the first place.  

Regulators had full access to transactions on exchanges, still could not prevent "front running" and other shady practices of algo trading in realtime. Why? Going by Michael Lewis's "Flash Boys", that was because algo trading operates in millisecond whereas regulators monitor transactions only once a second. So algo traders would get away by squaring off a transaction within a second, thus staying out of the radar of the regulator. Shows that mere access to data won't achieve much. I suspect the same in the context of Blockchain as well. 

ShopIn already pays SHOPcoin for shopping data. Now we hear that Jaguar Land Rover will soon pay IOTAcoin for driving data. Which will be first company to pay "OBCoin" for banking data, per my guidance in Open Banking Needs A Blockchain Boost?