When a little card reader called PINSentry arrived for one of my accounts with Barclays, I was initially a bit curious of the technology but more importantly I was frustrated. Could I use my bank on the move? What if I am in Starbucks and I forget it? Where am I going to keep it on my desk? (yes, this is a concern for me!)
For those of you that are not aware, these card readers look like a calculator with a slot for your card at the top. You enter your card, enter your pin, enter a code from the website and receive a code to type back into the website.
A number of years ago, while working for an upcoming warehouse software company, I came across a somewhat paranoid but fascinating solution one of our clients used to protect their network. We often had to access databases remotely and in this case we did so via a VPN (a VPN is basically connecting to a private network over the internet).
The added twist was that we had to enter an extra code. This code was shown on a little keychain dongle that had been sent us – while I don’t remember the name or details, the dongle gave us the password and it was different every time. We had excited conversations between ourselves on how this thing worked and how the algorithm could possibly be cracked. Soon enough we realised that the whole idea was a huge burden – many people needed to access the VPN from many different places and we only had one.
We toyed with the idea of setting up a webcam and broadcasting the readout via a webpage, undermining the security. Fortunately the client scrapped this security.
I write this because this is exactly the frustration we all face with bank card readers. Currenty I am in Asia (Koh Chang, Thailand to be precise) and I am carrying no less than three of these readers, one of which I had to have shipped from the UK after they replaced it.
Why else are these readers a burden?
- They prevent multiple users accessing the account simultaneously (think business accounts and shared accounts)
- They require your card, so two items need to be carried at all times. Some people never use their cards and have no reason to carry them
- Card readers can break
- Card readers need batteries
- They are not convenient to carry
It is no doubt a big priority that these systems remain secure. Ultimately, that security is irrelevant if the customers do not use the service or transfer to banks that have a more user friendly security method. So, in my opinion, number one priority for bank and customer is the usability.
Unfortunately, the card readers are just the icing on the cake for me. Some of the other frustrations I find with online banking:
- Non standard login methods, preventing your browser or plugin (LastPass!) from working
- Incomprehensible design and technology decisions, causing major usability problems. (e.g. browser back/forward buttons causing logging out)
- Lack of stored data (most of my accounts only hold a couple of months statements)
- Lack of browser/device compatibility (no chance of banking online with my phone)
- Lack of reliable notifications for payments (did they receive it? what is the status?)
Fortunately, I have seen recently a couple of examples of great forward thinking in the online banking arena. Of particular note is Barclaycards excellent new online interface, launched around July 2009. As the screenshot below shows, you can see up to date graphs on your spending categorised by groceries/fashion/travel etc.
As Barclaycard have pioneered, what else can we look into for our online banking solutions?
- Notifications – RSS, Text, Email and/or desktop messages showing transactions, balance, charges, statement available
- Phone integrations – an iPhone app for my banks, with push notification, would be immense
- Integrations – Achievable via notifications for a programmer, but some kind of integration with invoicing software or personal finance systems would be a big time saver.
- Better exports – ability to export all information, from all date ranges
- Better use of information – Imagine the information that must be available on each transaction? Location, company details, exact time, balance at that moment etc.
- Standardisation across banks, allowing the ability to view finances together (perhaps only realistically achievable by integrations)
I intend to investigate further, although it seems that existing websites bringing finances together in a truly automated way are still in infancy, probably due to our banking system here in the UK. It is only last year that the banks upgraded their systems to allow instant money transfers (instead of 3 to 5 days delay) – from a reliable rumour I heard, this was due to some banks using the equivalent of spreadsheets to organise these transactions.
Some of the sites that are worth investigating (thank you to Emma Davies of LoveMoney for her contributions here):
Mint.com – currently seems to be USA only
Money Dashboard – looks slightly amatuer, although claims to integrate automatically. Try with caution, I saw them spamming on money forums. Still in Beta with no launch date.
LoveMoney.com – A new UK only company launched in April 2009, with online banking launched in December last year. Constantly improving with updates every two weeks. Check out the Love Money Blog.
Kublax – a 2007 seedcamp winner, but faces closure due to lack of funding. Could be saved by Simply Finance so still worth keeping in mind.
Wehuhu – No integrations yet (manual uploads) but this is a new service and could be expanding soon.
With some digging around, there appears to be a resistance from the UK banks which is delaying these types of systems. Quote regarding Mint.com “They’ve said they aren’t going to launch a UK version for the forseeable future. None of the major UK banks have gotten on board to allow sharing of transaction data.”. Source: Money Saving Expert forums.
Imagine the Future
I am an optimist. I picture a time when I wake up in the morning, check my emails and see that I have received three payments with details of who from and the exact date/time they sent it. This summary also shows that of the five payments I sent yesterday night, three have been received successfully and two are still pending. My invoicing software is notified of the payments and marks the relevant invoices as paid.
Sat in my favourite coffee shop, I check out my iPhone banking app. I can quickly see the balance of all my accounts, credit cards (including available spend) and also that the two pending payments are now confirmed.
That evening I travel out of my home town and pay for petrol on my card in somewhere I have never been before. I instantly receive a text message to notify me of this transaction, due to its slightly out of character nature, with a web link and number to report the fraud and instantly freeze the card if necessary.
It is is the end of the month and I am checking my credit card statements. I can see easily what I have spent compared to the past 6 months, by category of expenditure. I can see a graph showing my expenditure over the month and realise that the first week I went a bit overboard on clothes shopping. My account shows that all bills are scheduled to be paid and calculates that there is enough money to pay them all, giving me a total of “free cash” that I can withdraw during the month.
This is just a sample of how much control we could have and how convenient banking could be. How nice would it be to see a cheap Macbook Air in the shop, check your finances instantly on your phone and only buy if you can? Not very nice for the banks it appears, which may be a reason they are dragging their heels when it comes to providing us with convenient information.
Why Banks should Embrace
More control over our finances should theoretically mean less mistakes, less people overdrawn, less interest and less fines; all this equals less profit for the banks.
The reality is that not everyone will embrace these new features. Offering this technology does not instantly make everyone in the country good with money – those who are too busy, too scared and otherwise not motivated will still make the mistakes they always have. The ones who are craving this power will reward the banks with more business.
Advancing the online banking technology will not put more money in peoples pockets, remove their greed or fix their lack of money skills.
Let me indulge you with an example. I always play it safe – if I have any doubt over how much money I have, I won’t buy. I am not tricked by overdrafts, high credit card limits or buy now pay laters. I like to think I know about money and I don’t like paying interest – I always pay in full and on time.
If I am given more control and information, I am likely to know exactly what I can afford and spend more. As a bonus, if I am told that buying a new espresso machine this month will only cost me £7.24 in interest if I put it on card and pay it the month after, I will be tempted to do so.
There is opportunity here for financial institutions to get a head start on others. I am not afraid to change to a bank that offers me more information, better access, more convenience and is more forward thinking. As banks know, an existing customer is more likely to take a loan or a mortgage or other products.
Better tools to access information and monitor information means people will be using the banks systems more. More usage means more potential for advertising, up selling and gaining customers trust.
If my bank embraced technology even slightly, I would respect them more and listen to what they have to say.
Solutions to Security
There still lies obstacles with security, put in place by self-righteous technology consultants and the paranoid media. Due to this mindset, usability is often completely ignored.
I admit I am not particularly security focused, but I believe finding a solution that is convenient to the user is essential. Regardless, here are some potential security starting points:
- Instead of card readers, how about additional security only when unusual activity occurs? (e.g. different location of login)
- Grant lower security to those who want it. Give us a choice! I will take the risk, because I know I won’t enter my details into www.barclaysbank.somerandomdomain.com/login
- Custom security levels. e.g. by default require additional authentication only when money is transferred (customisable by the user)
- Bio-metrics – some way off for mainstream (who of you has a fingerprint reader?), but should be implemented when feasible
- Trusted machines – link my laptop or desktop to the website, meaning I only have to jump through a hoop once
What do you think?
Are you happy with the banking system? Are you inconvenienced by the security, or do you not mind and prefer the peace of mind? Do you have any alternatives or ideas?