Information security is a constant game of catch-up. We get new technology capabilities, the bad guys find new vulnerabilities. They devise new forms of malicious assault, we come up with new defensive strategies. And so it goes. We know it, they know it, everyone knows it.
Why, then, is the bug known as Heartbleed getting so much attention?
Sure, no disputes that it’s at least potentially a very big deal. But one week into the discovery, Google turns up more than 530 million hits on the subject. The Electronic Frontier Foundation, among others, has labeled it “catastrophic,” and some have gone so far is to describe it as the worst vulnerability to be identified since commercial traffic began on the Internet. Is it really that bad?
Hype aside, here’s what we do know. Over the years, the open source community—basically, thousands of
Heartbleed, the big bad bug in the room, takes advantage of a feature within OpenSSL known as heartbeat, and essentially steals the security certificates that verify a site’s and/or user’s authenticity. The bug has been present but quiet for the past two years, during which time it has potentially undermined security measures for password encryption in a range of environments, from search engine and social networking services to Android devices.developers not beholden to any corporation in particular—have worked together to create much of the software many of us use today. One such program that most people with a life actually know nothing about is OpenSSL, which is very important, since it provides a means for security on web servers all over the world. With this technology, sites can offer encrypted information to visitors, ensuring that the data can’t be seen anyone else when it travels between the user’s device and a particular site.
After that the details get more technical and, sadly, far more murky. On the one hand, we’re being told that despite considerable scrambling on the part of security specialists at companies everywhere, the potential for major damage is very real. It potentially affects hundreds of thousands of Web sites, from Google and Yahoo to Twitter and Dropbox, along with hundreds of millions of users. By that measure, the level of effort needed to truly fix the problem is nothing short of monumental. On the other hand, it’s far from clear just how many sites or users have actually been affected. Challenges issued by security companies to steal information using the vulnerability—basically crowdsourcing digital theft—have so far come up mercifully short, indicating that the concerns, while valid, could be overblown. On the third hand, of course, we just don’t know.
One thing is certain: The old adage about regularly changing passwords, and not using the same one for multiple functions and services, applies now more than ever. The buzz over this recent episode has apparently prompted many users to rapidly change their passwords for all the online services and devices they use, and that’s good. But it would be even better if that became a habit rather than a reaction to much-publicized fears.
There’s a larger question here as well. The ubiquity of technology in every aspect of daily life, from social media to mobile banking apps, has perhaps seduced consumer sensitivity to the issue of information security. And that’s definitely not good.
Making technology capabilities ever more user-friendly carries with it a potentially steep price tag; the easier a service is for everyone to use, the easier it might be for the bad guys for to hack. On a related note, many of the more common services, from email to mobile apps, are free. That carries with it fewer guarantees of rock-solid security.
Many financial technology vendors are already stepping into to the breach to implement fixes for the Heartbleed bug. For their part, numerous commercial banks and other financial services institutions are raising awareness of the threat and running tests to ensure that their communities are not left unprotected.
But somewhere in this environment, consumers have a critical role to play too. Regularly changing passwords is a good start. As digital currency in all forms becomes more embedded in the mainstream, it would be wise to be more aware of security threats and more proactive in taking security precautions.
Now that Tax Day is upon us and refunds are trickling in, your customers and members are being provided with new funds. But whether they spend, invest or save, are you guiding them to make the wisest decision?
Christopher McGill, president and CEO of East River Bank in Philadelphia, PA has a few recommendations for his customers on how to use their refund dollars.
While the smartest decision is to obviously pay off a prior debt or invest that refund, spending – even just a portion of it – on a smart purchase is actually advisable, according to Christopher.
Rule of Thirds
Christopher always recommends the “rule of thirds” when upon receiving an unexpected amount of income. Divide the refund into thirds and put one portion towards a credit card bill or other debt, another third into savings and investment, such as an IRA and the final amount towards something for you.
Save More Money
However, instead of spending it on something frivolous like a trendy handbag or new set of golf clubs, consider splurging on a purchase that could actually save you money over time. Examples include an espresso maker (much cheaper than a daily trip to Starbucks), a bicycle (a healthier and more affordable means of transportation) or a high efficiency appliance, which can help you save loads on energy costs.
Invest in Yourself
Another smart splurge is investing in your career by furthering your education. Use part of your refund to take some continuing studies courses to sharpen your skills and better your chances for that promotion and, hopefully, salary increase.
Finally, for the most selfless purchase of all, consider this the time to get some life insurance. If you have a spouse or children who depend on your income, invest in their financial security and your own peace of mind. While it might seem depressing, spending a few hundred dollars a year to create an insurance protection fund for your family is something definitely worth considering.
What advice are you giving your customers and members?
*Disclosure: Banking.com is powered by Digital Insight
The mobile channel is no longer optional for banks and credit unions. But for those financial institutions already deploying mobile solutions, how do they optimize profit and benefit to the customer?
On Wednesday, April 23rd, Digital Insight will host a free webinar, ”Monetizing the Mobile Channel,” as part of their 2014 Momentum Webinar Series.
The webinar will include insights on optimizing the benefit of your mobile channel and help you:
- Learn about key trends driving mobile innovation and their potential to solve real problems for your users while driving revenue.
- Rethink potential disruptors to your business with a new collaborative approach.
- Understand how traditional channel profitability analysis may limit your perspective and therefore your outcomes.
Does your mobile spending embrace change with a laser focus on ROI? Join Digital Insight as we kickoff our and take a dive into the future of the mobile channel as a profit engine.
We’ll be attending, following along and sharing insights via Twitter with the hashtag #DIMobile.
You can register for the webinar by clicking the image above. See you there!
Below are interesting stories the Banking.com staff has been reading over the past week. What have you been reading? Let us know in the comments section below or Tweet @bankingdotcom.
- What’s Behind the Mobile Banking Boom (video)
Mobile banking has expanded beyond the market for youthful early adopters and is rapidly becoming a mainstream product. American Banker reporters discuss who else is logging on and the hurdles the industry faces to keep the momentum going.
- Report: IT Spending in Retail Banking Will Reach $152.5 Billion By 2018
Back-end investment for compliance and investment in digital channels will drive strong growth in IT spending among North American banks, according to Ovum. Retail banks will grow their IT spending to $152.2 billion by 2018 in response to rising customer expectations and investment in digital channels, a recent report by analyst firm Ovum predicted.
- Navy Federal Promotes Square For Small Business Payments
Mobile payments provider Square could get a big boost from the nation’s biggest credit union. Navy FCU is promoting Square’s mobile card reader and payment processing services to its small-business members. The $56 billion credit union’s website now hosts a page that allows members to sign up for Square. By partnering with Square, Navy Federal is providing members with an easier way to accept credit card purchases and track their sales, according to Jim Salmon, vice president of business services at Navy Federal.
- Banking Insider: U.S. Bank tests voice biometrics to replace passwords
U.S. Bank is joining a short list of large financial institutions that are testing voice biometrics as a potential replacement for the traditional password. That list includes Wells Fargo & Co. and Barclays Plc. Voice biometrics software users log in to an application or website by speaking a word or phrase. The word or phrase is compared to a previous recording the customer has made to verify it’s the same user. U.S. Bank employees are piloting the software and using a simple passphrase such as “my voice is my password” to access credit card account balances, search transactions and make payments on accounts using a mobile device.
- Why There Is No Amazon Of Banking
There are no Amazon-branded products or services. As a result, there are no Amazon product managers with a vested interest in selling their product over some other brand. Can you walk into a Citibank branch and open up a JPMorganChase checking account? Nope. Can you go to the Bank of America web site and apply for a Wells Fargo mortgage? Nope. But you can go to Amazon’s web site and buy just about anything that anybody else sells.
- Here’s the One Stat Big Bank CEOs Are Freaking Out About
A new survey shows that nearly a third of consumers haven’t actually set foot in a bank branch in six months, and one expert predicts that number could rise to 50% in just five years. According to Bankrate.com, 30% of respondents to a new survey haven’t gone to a bank branch in six months. And more than two-thirds of those — 21% of respondents — haven’t set foot in a bank in the past year or more.
This post originally appeared as a Banking.com guest post on Sageworks’ Blog.
Everyone in our industry acknowledges banks need to be different, and we’ve explored numerous initiatives on Banking.com, from video transactions to teller pods and community rooms. But how about serving up a cocktail with your account statement?
That’s one way to look at St. Petersburg, Fla.-based C1 Bank’s new branch in Miami’s Wynwood district. Sure, it’s got all the amenities every branch needs, but be prepared for the teller desk to become a bar, and a fully stocked kitchen ready to accommodate a sizeable party of movers and shakers. In fact, the location actually doubles as an event space.
The trendy art on the walls is kind of a giveaway too, as is the custom, rounded table near the entrance and safe-deposit boxes behind moveable bookshelves. It takes virtually no time for the entire setup to be transformed into a party room. And when the party’s over, a laser light show continues.
The investors say it’s a new kind of bank that’s designed for entrepreneurs by entrepreneurs. For the record, C1 Bank was recently named one of the five local companies to watch in 2014. The branch has also been the area’s first full-service provider for more than 20 years.
It’s easy to wish the establishment luck while privately seeing it as a novelty, but there’s another aspect that demands attention. Many banking industry analysts stress that in order to survive, new branches must reflect and serve their neighborhood’s tastes and needs, as this one surely does.
In the last few years, the Wynwood area in Miami has seen more than its share of ups and downs. However, like many urban areas, it has recently undergone major shifts leading to greater investment, and of course gentrification. What might have once been described as urban blight—personified by abandoned warehouses and buildings occupied by squatters—has been replaced by trendy cafes and art galleries. The textiles industry has been supplemented with fashion outlets.
In that sense, the new branch fits right in. It serves its purpose as a bank branch in the traditional sense, but it does more. And that might be the key to future success.
There’s no doubt that bank branches everywhere have been hit hard by changes in the business environment. Just recently, Minnesota-based TCF Bank announced that it isclosing eight branches in the Twin Cities area, all within the Cub Foods chain. The parent company closed many more late last year in the Chicago market.
The troubles confronting bank branches represent just one aspect—though a painfully visible one—of the many changes rocking the industry. The debate on what comes next continues to rage. There are even discussions on the nature and scope of the problem, let alone the solution. And it’s a good discussion to have.
In the meantime, however, innovations are surely welcome. Turning a sober financial services establishment into an event space with martinis and DJs probably isn’t for everyone. But every branch should probably be asking itself not only what kind of banking services it can provide to better serve the community, but what else it can do as well.
We live in a world of instant gratification, an international outlook and unprecedented mobile capabilities that radically alter consumer behavior. Having with a solid, dependable presence in the community and offering great customer service with a personal touch used to be enough. But in this business environment, at this time, we need to do more.
From this side of the Atlantic, the European Union (EU) can seem like a weird thing—most of us aren’t exactly sure when it started, how far it stretches or even what it exactly is. What we do know is that it’s a case study in constant evolution: It dates back to at least the ’50s, when six nations formed the European Coal and Steel Community and, later, the European Economic Community. However, the current European Union actually takes its name and primary structure from the Maastricht Treaty of 1993. The monetary union, the source of the Euro, was born in 1999; the constitutional basis for the EU, the Treaty of Lisbon, arrived 10 years later; and countries are still joining (Croatia became a member only last year).
Of course, as a unified entity, the EU still seems a little bit strange. But the potential for superpower status is clearly there, which may be one reason why it was awarded the Nobel Peace Prize in 2012.
And then we get to March 2014. That’s when, after protracted negotiations, the last piece of the puzzle fell into place for an all-purpose European banking authority that will, at least by design, be better equipped to handle industry crashes, especially the kind that might have a domino effect. Most importantly, the entity has the regulatory authority to restructure, sell off or even shut down failing banks.
The move is a direct response to recent disasters that had catastrophic consequences for many institutions. Even entire nations have been similarly affected, most famously when a series bank failures and attempted bailouts virtually bankrupted Ireland and sparked major scandals. And whenever this happened, of course, other organizations and governments had to step into the breach, forcing taxpayers in one country to pay for the mistakes of financial services corporations in others.
To its credit, the new entity is designed to look forward rather than just back. The European Central Bank (ECB) has already been doing due diligence on larger financial services institutions to look for potential minefields. It won’t be a huge surprise if it does find problems. Meanwhile, the Resolution Board, as it’s called, has a two-pronged mandate.
First, it takes the power of supervision away from local regulators, who might be too close to the corporations they’re supposed to be monitoring. (They might also turn a blind eye to avoid making national institutions look bad.) More important, perhaps, is the other function, which entails setting up a fund that is empowered to take essentially unilateral action on lenders that are deemed to be in trouble. In these instances, the fund can order a restructuring, sale or even shutdown (in some cases there will be other steps necessary). The fund will have in its coffers $76 billion to conduct these rescues as needed, with the money to be raised through levies on the industry.
The intent, of course, is to protect taxpayers from having to foot the bill for bad decisions made by bank executives. It should also help send a message of stability to financial markets everywhere. These are laudable goals, surely, but will it work?
To be clear, the Resolution Board doesn’t even exist yet. It won’t launch until next year, and contributions to the fund will start the year after that. There are also objections being raised to the effect that the agreement doesn’t go far enough. Some argue that in order to be truly effective, the new entity should be completely independent, rather than tied to an industry authority like the ECB, which has its own connections to national interests. But for those who want strong regulation, it’s clearly a start.
That brings us back to these shores. As we all remember from recent history, the United States has had its share of crashing banks, taxpayer-funded bailouts and accusations of lax regulation. Is there anything for us to learn from what the European Union is doing?
Kids today—they don’t know much, but they think they know everything.
That’s the familiar yet only appropriate reaction to the latest deep dive into millennial behavior as it pertains to banking. This one comes from “The Millennial | Financial Behaviors & Needs,” a comprehensive new study commissioned by TD Bank and conducted by Angus Reid Public Opinion. The study samples 2,031 millennials aged 18-34, all of whom have some form of financial relationships.
In what might not be a big surprise, a significant majority of the respondents, 69%, have never taken part in any financial courses, seminars or workshops. But apparently that isn’t a big problem—fully 59% of those surveyed say they’re extremely, very or somewhat knowledgeable about day-to-day banking. And here’s a nugget that will confirm some more stereotypes about this generation. When they actually do go search for information, nearly half cite parental influence for their opinions in this area, and 40% turn to family for specific advice. Of course, a strong 62% also go online to find answers.
To be sure, none of the findings in the TD Bank is particularly surprising. They do more banking online than in-branch; nearly half favor mobile access, and the numbers keep rising; and so on. Each generation carries with it a level of stereotypes, and this one is no exception. And of course, as with most stereotypes, there is more complexity than is first apparent, and that emerges with more detailed research.
It’s easy to shrug off these studies, but to do that would be a mistake. Negative perceptions aside, millennials do bring real change. And for our industry to survive, let alone thrive, we must do things very differently.
Millennials are the reason why a retail giant like Costco is facing some very real problems. The company is still frequently celebrated in customer service surveys and documentaries alike, but concerns are rising that the membership and bulk-goods business models don’t appeal to younger consumers. That may be one reason why the stock is suffering.
On a related note (since the Costco model is so dependent on customers having cars), the auto industry—which is still in recovery mode after a rough few years and government bailouts for some—is getting worried that those pesky millennials don’t seem to want cars as much as their predecessors did? Is it because, in this economic climate, they just can’t afford to buy what they want? The car makers certainly hope so, but the fact that an alarming number of teenagers haven’t even bothered get a driving license should be cause for concern. Is it because the wealth of social media tools and channels make it less necessary to meet face to face? Is it because in the age of Big Data, these tech-savvy and privileged consumers won’t respond to marketing unless it’s much more customized?
And as even a scan of the headlines will make clear, millennials are the reason why President Obama appeared on a far-outside-the-mainstream outlet like “Between Two Ferns” to pitch his signature legislation, the healthcare law. Critics have savaged the appearance as being beneath the office of the President, but the undeniable truth is that the stunt generated enormous attention and drove unprecedented traffic to the primary healthcare site.
In a sense, we’re not that different from giant retailers, carmakers and the Presidency. We need to get our message out there in order for our customers to come to us. We don’t have to change our identity or our philosophy in the process, just certain strategies and a lot of tactics. But the bottom line is that in appealing to millennials, if we’re not doing things differently, we’re probably doing things wrong.
Below are interesting stories the Banking.com staff has been reading over the past week. What have you been reading? Let us know in the comments section below or Tweet @bankingdotcom.
- UMB Emulates Apple in Push to Encourage Mobile, Online Use
UMB Bank is channeling its inner Apple to encourage more of its customers to use online and mobile banking. The Kansas City, Mo., bank has begun designating tech support specialists in its branches whose job is to help customers understand and use digital services like mobile deposits and online bill pay.
- Omnichannel Banking: More Than a Buzzword
Banks are in an unequalled position to understand their customers. They already can see product use, transaction patterns and demographic profiles. By leveraging channel usage insight, they can develop an even more detailed customer profile. Understanding not only what the customer looks like, but also how they conduct their banking can allow for improved product offers using their preferred channel.
- Regions, Credit Unions and USAA Sit Atop Customer Experience Rankings
The banking and credit card issuer industries both saw significant improvements over last year in the Temkin customer experience ratings. Regions and credit unions earned the highest customer experience scores among banks in the 2014 Temkin Experience Ratings, released earlier today. Regions and credit unions tied with scores of 81%, followed closely by USAA and TD with scores of 80%, and USAA also earned the highest score among credit card issuers with 77%. Overall both the banking and credit card issuing industries improved their scores over last year.
- BBVA creates digital banking unit
Spain’s Banco Bilbao Vizcaya Argentaria has established a digital banking unit in a bid to boost the development of its various technology-led businesses. The new business area is charged with leading the bank’s digital transformation around the world, running its multi-channel strategy and the design of operational and commercial processes. It will also work on developing new business lines, overseeing internal developments such as the Wizzo app as well as the bank’s startup investments made through its $100 million venture fund and Simple, the US firm it bought for $117 million last month.
- It’s Not Easy for Banks to Sell You on New Services
Banks spend tons of money figuring out how you like to spend and save money, especially when it comes to using credit cards and mobile banking, two huge profit center for financial institutions. The credit card industry will process about $4 trillion in card transactions this year, according to Business Insider, and Albany, N.Y.-based ResearchMoz reports that mobile banking is also flexing its muscles, growing from 480 million U.S. users at the end of 2012 to 1.08 billion by 2016.
- One in Three of Americans Hasn’t Been to the Bank in at Least 6 Months
More than a third of people in the U.S. haven’t been to the bank in at least a half of a year, according to a new survey. People with lower incomes and less education visit bank and credit union branches less often, the Bankrate.com survey found. For example, 35% of people with at least some college education visited a bank in the last week, compared with 21% of people with at most a high-school education.