We’re fast approaching the era of mobile-only banking. When Apple announced the Apple Card last month, the feature that stood out was that the entire customer experience happened on the phone. From applying for the credit card, getting approved in minutes, to immediately being able to use the virtual credit card on the phone. A physical card will still be issued, but it’ll follow a few days later and not hold up the convenience of immediate use. Today, banking customers not only want, but expect the best experience and complete security.
It’s against this backdrop of a seamless customer experience that we still have banks relying on hard copy delivery methods of one-time passwords (OTP) to customers, sending physical scratch cards in the post. This goes against the principles of the best experience and flawless security. In comparison to the challenger banks and companies like Apple, these banks are demonstrating to customers that they are rooted in the past. This negatively impacts customer experience, leaving users waiting. It’s also expensive for the banks to implement, with printing and postage costs having to be absorbed.
Some banks implement a hardware device to generate the OTP. However, this still isn’t satisfactory as it requires the customer to have the device to hand to use it. And it requires the bank to pay for the hardware devices and deliver them securely to customers.
Today customers demand one thing and banks are delivering another. However, it would be very easy to match both: usability and security. Current digital soft token technology is the most secure and cost-effective solution for banks, and customers expect this now. Several major banks in Asia rolled out the technology, which provides a bank’s customers with one single app for banking and authentication. This way banking customers do not need to leave the secure environment of their banking app.
Matching the banking app and the authentication app in one is more secure than SMS tokens, which are still very popular. This is because the Strong Push Authentication token resides in a protected environment, and uses a separate secure channel for data transmission which is an end-to-end encrypted connection and avoids open Internet and unsecured mobile networks.
As the challengers gain ground in attracting further users and delivering the best customer experience, the incumbent banks must keep up, and they must do everything they can to deliver a great experience for their clients. The move to digital security tokens will allow customers to ditch their hardware tokens and bank more conveniently and securely. Everyone has their mobile devices with them, all of the time.