Jonathan Morgan, CEO, OpenMarket – September 21, 2015
I recently attended a Financial Services Technology conference in Sydney and, during one of the morning sessions, I was struck by a possible new future for the established banks.
As anyone who attends these sorts of events would know, over the last two years they’ve essentially become a conversation about whether the established banks can adapt in time to compensate for the wave of new disruptive “FinTech” companies entering their space. Some examples are “peer to peer” lending from the likes of Lending Club, SocietyOne or Ratesetter challenging them in the highly lucrative personal loan space, CurrencyFair or Halo in cross-border foreign exchange translation, in credit cards with the likes of Final, share trading with Robinhood, or even the whole gamut along the lines of Simple.
The traditional banks are sometimes characterised as slow and lumbering in their response. It’s certainly the case that by virtue of the number of staff, existing investment in infrastructure, and legacy financial systems, adaption can’t be as quick as the newer start-up disruptors.
So, how can the traditional banks compete? What strengths do they have to compete? Well, they have our money! But I’m thinking more in terms of enduring strengths that can span a period of disruption. Kodak didn’t fare well when the iPhone arrived, so even companies that seem to have real expertise can find that it’s not relevant enough once a new operating environment dawns.
Trust would seem to me to be top of mind. Originally banks were the place with a vault, which physically protected the customer’s money. Today when you say “security,” often people think of “digital security” first. However, why can’t banks evolve to be the custodians of a customer’s digital security in the same way they are custodians of our money today?
When you look at the trust that the wider public has in businesses, faith in giants like Google and Facebook is actually low. People don’t trust those companies to protect their identity; in fact, they expect those companies to exploit their identity in the quest for profit. Companies like Apple would fare better, not least because their business model is clearly different – they have higher product prices and don’t need to sell your personal data as a result. However, financial institutions like banks are held in much higher regard.
Can banks use this brand equity in their ability to protect what’s most important in our lives to “pivot” into a new domain? I think they can.
Today we log into websites, and we authenticate payments with PINs, and so forth. It’s all very mechanical and it gives us a feeling we are being protected. Different passwords and PINs for every website and payment method don’t scale though, and so alternative methods will be borne. Apple would appear to be using their fingerprint scanner to do that, and maybe there will be facial recognition, voice recognition, and location recognition. Who knows?
What if you logged into a website, or an app, or authenticated your authorisation for a transaction with your bank? What if you trusted your bank to authenticate your identity on your behalf? So, instead of your personal details being kept in a sort of passport like Visa Checkout or MasterPass, the bank kept your identity in a digital vault and liaised with the services you interact with on your behalf. This means they never disclose your details, but rather authenticate you in some sort of highly secure tokenised way. You’d log into your share account via BigBank, you’d log into Facebook via BigBank, you’d authorise a payment on eBay via BigBank, and so on.
If they were to do that, and you trusted them to perform that function, it would facilitate “permission” to stay part of your life. The bank might then use that data on what you are doing to help target offers and services on what you need most. Let’s face it, the margins on financial products will become more competitive as new entrants reduce profits, but fundamentally being in the right place at the right time will mean you are at the front of the queue. That feels like an enduring competitive advantage to me.
If you are logging into your app via BigBank, or authenticating a payment via BigBank, it gives them the perfect opportunity to market services like insurance, personal loans, credit, etc. when you need it most. Some examples: are you buying a car and need car insurance? Are you transferring a large sum of money to buy a house? Need a home loan? Are you buying a new iPad, but you don’t have enough money in your account – can we help with a short term credit facility? BigBank is also likely to be able determine your intentions just by monitoring this behaviour. Remember Eric Schmidt’s telling quote from 2010:
“We don’t need you to type at all. We know where you are. We know where you’ve been. We…more or less know what you’re thinking about.”
In this way, the banks would pivot into being an institution we relied on in our digital lives, that we trusted, and would have near unparalleled access into our behaviour.
So, if this bright new world is the future for banks, what should they be prioritising today? Well, it’s important to be using new security methods so a) your customers can see that your bank has secure access and b) you are learning which methods work best and when e.g. via SMS code (the so called Two- Factor Authentication or 2FA), keypads, fingerprint scanners, retina scanners, and so forth. Not every method will be right in every scenario, so the earlier that banks develop expertise in which methods are most successful in which situations, the further ahead of the game they will be.
OpenMarket plays a role in security, and we power many organisations’ mobile security capabilities through 2FA. This is where a user types in some identifying information about him or her to an application, and then we send a code to the user via SMS, which he then types into the application to authenticate. This code represents the second factor.
The benefit of this method is that it works with every phone, in every country, even when the user is roaming, and everyone knows how to access the SMS code. Some folks are concerned about the risks over porting fraud, but we have some technology that can help with that. The benefit of a method like SMS authentication is that it starts to associate the bank with the process of authentication and this could be applied to services not owned by the bank very easily. An example is that I log into my share account, it has the option “authenticate via BigBank”, BigBank sends me a code, which I type into the website to authenticate myself. The path that I have outlined above could be used today by any financial institution and hence, begin the shift.
Where is the Luke Skywalker of the banking world sitting today? And like in the fourth episode of the eponymous series, can he or she come to the rescue of the banking sector before the disruptors become too strong? Only time will tell, but OpenMarket is here to help! Contact us for more information.