Delight or Disappoint? FIs Balance Security and Customer-Experience Paradigm.


As mentioned in my last post, with organized crime groups clearly focused on the mobile channel, financial institutions will increasingly need to roll out strong security. But, they also need to be mindful of the impact that security has on the user experience.

At a recent conference, I had the pleasure of attending a session hosted by a SVP of security at one of the largest banks in the US. He discussed the current state of cybercrime threats and security challenges, but I was encouraged to hear him also devote considerable time to the importance of the customer experience. He then made what I consider to be a profound statement that applies to virtually every company in today’s Internet age: “Delight or disappoint and they will tweet, and they will blog and the social momentum will take off.”

So how does a bank best approach delighting their customers giving the opportunities and threats associated with Internet- and mobile-based service offerings? I think it’s safe to say many banks have shied away from tackling the problem until now — mostly employing a “do little approach” to protecting their online and mobile customer base.

A recent article on Bank Information Security’s website discusses a Javelin report, “Banking Identity Safety Scorecard,” which concludes that banks still rely on “old authentication” techniques and have failed to properly vet new mobile applications and services. One of the primary reasons? Banks are sensitive to introducing anything that may add potential customer frustration. Unfortunately, what they fail to realize is that cybercrime is impacting the customer experience and corporate brand. Just take a look at the wrath of major breaches this year and you’ll see why.

With the constant innovation in the cybercrime community and related update to the FFIEC’s guidance for online banking, FIs will have no choice but to implement stronger forms of security. The question that should be top-of-mind becomes: what options exist to implement security that can strengthen customer experience and brand, and ultimately improve our competitive advantage?

I had the opportunity to address that specific question during last week’s 2011 FS-ISAC Fall Summit in Washington, DC. In a nutshell, Entrust firmly believes that FIs have a great opportunity to leverage existing mobile-banking applications to introduce strong security for online, mobile and even ATM and call-center channels.

Think about it. As a bank, you can provision a whole suite of simple-to-use security measures to provide strong authentication and even effective protection against today’s nasty man-in-the-browser (MITB) malware — all within the realm of your mobile-banking application. Simple, integrated and conducive to a cross-channel user experience. Now that is something that will truly delight customers and help set FIs apart from competitors.


Entrust provides identity-based security solutions that empower enterprises, consumers, citizens and websites in more than 5,000 organizations spanning 85 countries. Entrust's identity-based approach offers the right balance between affordability, expertise and service. With more than 125 patents granted and pending, these world-class solutions include strong authentication, physical and logical access, credentialing, mobile security, fraud detection, digital certificates, SSL and PKI.


Add to the Conversation