The Road To Implementing Mobile Banking
With a few exceptions, the road to implementing banking on mobiles is littered with discontinued mobile banking projects, failed new technology vendors, and shelved deployment plans. For customers, banking on mobiles presents a delicate balance between a conceptually powerful opportunity (being able to transact any time, anywhere) and practical challenges (finicky menu sequences on a small screen and tiny buttons). Many banks launched into mobile banking without a well-articulated idea of what customers’ problems were and how to address those problems. Ivatury and Mas (2008) predicted that poor people are more likely than rich people to use mobile phones to undertake financial transactions.
People in developing countries have less options (if any) for transferring money and accessing banking services, because there is less deployed formal banking infrastructure— fewer branches, automated teller machines (ATMs) generally co-located to relieve branches, and low Internet penetration. So a branchless banking channel using mobile phones could be far more preferable to poor people than the available options: traveling to and queuing at distant branches or saving in cash or physical assets.
How To Implement Banking On Mobiles
First, financial institutions need to bring operators to the negotiating table if they want a customer-friendly, fast, and secure mobile banking experience—it’s a lot harder to construct the service without the active involvement of the operator. Operators control a key element of the security infrastructure, which is embedded within the phone. The service needs to work under precarious conditions (people using low-end handsets in areas with unreliable wireless connectivity), making the correct technology choices critical. In fact, customer experience is determined directly by the technology platform used. So finding the right technology partner and optimizing the operator’s resources is critical. This gives mobile phone operators substantial leverage when negotiating with banks.
Second, customers are more likely to take up the service if they can easily get their hands on cash. Banks need to find a way to provide liquidity through a network of cash-in/cash-out agents. Here again mobile phone operators have an advantage: their network of mass-market prepaid card retailers, which can do double duty as cash agents.
Third, if mobile phones are used to drive customer outreach and mass-market growth rather than to enrich the service experience for existing customers, banks need to develop a highly efficient channel to drive awareness of the service and strong branding to overcome natural customer resistance to new technologies and the associated security fears. Many banks—and not only the smaller ones—choose to rely on mobile phone operators to promote and even brand the mobile banking service given the operators’ credibility with and understanding of mass-market marketing techniques. Once a small bank or MFI considers all of this, the biggest uncertainty remains how to take its customers from their early experimentation with the service to a point where they truly can understand the value it can bring them and they can feel comfortable operating it. There is a large customer adoption barrier—and it’s upfront.
The first time customers use this service, the process may seem confusing and even protracted. But customers become familiar with the process quickly and appreciate the convenience of not having to carry a separate bank card, and especially being able to transact from anywhere to anyone with a mobile phone—not just to get cash at the store.
Back to basics: What is the “it” in mobile banking? What contribution can mobile phones make to banking?
Mobile phone = a virtual bank card. A bank card is essentially a memory device in the client’s possession that serves two purposes: it identifies the user, and it identifies the account (and institution) where the user’s financial balances are held. The mobile phone could be used to securely store this information, thereby avoiding the costly exercise of having to distribute cards to the entire banked population. In fact, the subscriber identity module (SIM) card inside GSM phones is in itself a smartcard (i.e., a card with a chip, similar to the more modern bank cards), although it is not encased in the usual plastic form factor. The bank customer’s PIN and account number can be recorded on this SIM card or on the phone’s memory acting as a virtual card.
Mobile phone = a POS terminal. A mobile phone can be used to initiate transaction requests and communicate with the appropriate bank to solicit transaction authorization. This is the function of a POS terminal at a retail store: it has a screen and data entry keyboard to capture the user’s transaction details, a card reader to capture stored client information (to confirm his identity and locate his account), and a secure communications link with a bank. A mobile phone can replicate this functionality. If the client is using a virtual card on his phone, the mobile phone-as-POS will be able to read it directly; otherwise, a card reader will need to be attached to the mobile phone.
Mobile phone = a human ATM. A POS is used to pay for goods at the store. If we consider cash and access to your savings as “the good” that customers fetch at the store, then that POS (plus the store’s till) serves the cash collection and distribution function of an automatic teller machine (ATM). Mobile phones can provide that POS-as-ATM functionality.
Mobile phone = an Internet banking terminal. Internet banking is based on two fundamental customer value drivers: control (instant access to any account detail I need) and convenience (ability to make payments and transfers remotely). It has demonstrated its usefulness, to such an extent that it is now in the channel arsenal of practically all major banks. But its use is limited in many countries by the poor reach of the Internet itself. The mobile phone device and wireless connectivity bring the Internet terminal into the hands of customers.
Mobile phone = a new way for customers to interact with technology?
The technology elements embodied in a phone may not be new, but what is new may be the way customers relate to the technology. Mobile phones are personal devices. The value of the device is so high for some of us that we even decorate and personalize it like we do our cars or homes. One study indicated that mobile phone users were not without their phones for more than 30 minutes.
The device gives us a sense of immediacy. It’s not so much about anytime/anywhere, it’s about here and now. It gives us a feeling of possibility, convenience, and control. Beyond the cost saving of using an existing deployed base of terminals, how can banks exploit this sense of immediacy to develop a deeper and more meaningful relationship with a customer who happens to have a mobile phone? How can these attributes of the relationship between customers and their mobile phone be used to create new banking services or service models? At the very least, mobile phones provide banks the opportunity to send personalized messages to all their customers—messages that serve to market a new product, introduce a new feature to a service, or alert on specific account activity.
Customers could immediately verify account balances and recent account activity when needed. Moreover, because it allows for two-way interaction, the phone also makes it possible for customers to take immediate action from wherever they are, for instance when they are reaching a low-balance threshold or when there is unusual activity on their account so customers themselves can be part of fraud prevention. This enhances customers’ sense of control. Interactivity can go further into tailoring services as the relationship between banks and their customers matures. For instance, customers could request a higher credit ceiling on the fly, when needed, with verification happening over the phone. In any case, it is probably fair to say that we have only begun to imagine the possibilities of exploiting the mobile phone in creating new service experiences.
Mobile phone = a useful new functionality?
Is there an inherent capability “inside” the mobile phone that really is new, that allows customers to do something that they simply couldn’t easily do before? 6 4 Throughout this paper the case of mobile phones is considered using the more prevalent GSM standard. Some networks use other standards (CDMA, iDEN) that may not use a SIM card. A mobile phone can be used to enter, display, process, store, and transmit information—but so can computers, ATMs, and POS devices, which are the electronic network end-points banks use today to service customers. In fact, mobile phones are more limited than these devices, for instance in terms of processing power. There is really not much that is functionally new in a mobile phone as a terminal device: after all, no one was thinking of banking applications when mobile phone standards were being defined. However there is a characteristic of the mobile phone’s architecture that sets it apart from most other computing devices that could be used for banking purposes. This is the existence of a device within a device, or a SIM card inside the mobile phone.
Neither of the two devices is functionally new: the SIM card is a smartcard (a card with a chip) and the mobile phone is a limited computer. But having one inside the other enables interesting security features. The SIM’s memory contains two essential elements: the phone’s user menu and the security keys that are used to encrypt all information the phone sends to and receives from the network. The memory in the SIM is tightly controlled by the mobile operator; no other party, not even the customer, can access it or store applications without the explicit authorization of the mobile operator. Therefore, the contents of the SIM are much more tamperproof than the rest of the phone or any standard computer. The downside is that the closed architecture of the SIM limits service innovation by third parties.
Combining the tight security of the SIM with the more open architecture of the phone itself allows mobile phones to attain the best of two worlds: a secure kernel within a flexible, service innovation-friendly shell. The mobile phone is also a connected device with a particularity: it can attach itself anywhere on the network, automatically. There is one intrinsic feature of a mobile phone that has so far not been used much in mobile banking applications: location awareness. The mobile phone can be spotted in most mobile networks within a couple dozen kilometers or tens of meters (i.e., either single-cell or with more sophisticated multi-cell triangulation technologies). One interesting idea tested by Bankinter in Spain is using the location of the credit card at point of transaction relative to the cardholder’s mobile phone (which is presumed to be on or near the cardholder). If they are far apart, there can be more reason to question the authenticity of the requested transaction. Summary: The power of economics vs. customer experience A mobile phone is, and always will be, more limited in its capabilities than either a connected personal computer or a specialized POS.
But it has economics on its side. For instance, the high cost of the required dedicated broadband infrastructure and the devices themselves will hinder the spread of Internet banking in developing countries. In rural areas it is further hindered by a vicious circle: low device penetration does not warrant roll-out of appropriate broadband communications infrastructure, and while the infrastructure is not in place few customers will invest in personal computers. But, if we exploit the built-in data-handling capabilities of mobile phones, it turns out that the job of deploying “Internet machines” in developing countries and rural areas is substantially done or under way. By “free riding” on the strong economics of the mobile voice service, business cases have been closed and vicious circles have been broken. But make no mistake: the mobile phone offers a substandard user experience, at least for users unaccustomed to the service.
But driving customer adoption will not be straightforward if they are intimidated when they first hear about it and scared off the first time they experience it. This presents a key trade-off: mobile banking reduces the cost of service delivery but may create a larger adoption hurdle.
Banks who want to use mobile banking to reach out to unbanked customers need to develop strong partnerships for mass-market promotion of the service. Most banks do not have the capacity to aggressively market mobile banking on their own. Banks that want to use mobile banking to reach unbanked customers need access to marketing channels to and brand credibility with precisely those customers who have been excluded from banking. Unlike most banks, mobile operators traditionally use a mass market approach and aim to get into the pocket of every citizen. Banks can learn from the mass-marketing approaches of mobile operators, or better still, can partner with them—and that’s on the marketing and branding side, not just on the technical service delivery side.
Also, there may be other types of service providers or retailers that banks could seek out as marketing partners. Mobile banking does not raise any inherently new security issues; still, ensuring adequate security through a combination of technology and operating processes is paramount. Any bank with an Internet banking channel can offer mobile banking today: all the bank would need to do is “reformat” its Internet banking content from HTML to WAP, to make it accessible to devices with smaller screens and a mobile-specific browser. The security solutions to the problem of Internet banking (fundamentally, communicating through a customer device and over a network that cannot be assumed to be totally secure) apply equally to mobile banking.
Moreover, mobile banking introduces the opportunity of using SIM-based security, which is more analogous to the ATM banking model in its use of cards (physical bank cards or embedded in the SIM card). Whatever the security of the technical solution, operators will need to ensure that operating procedures around it do not open up vulnerabilities.
Sourced and extracted from: Banking on Mobiles: Why, How, for Whom? – by Ignacio Mas