Håkan Nordfjell explains how banks can increase revenues and tap new markets if they can give users better ways to authenticate themselves.
When it comes to authentication, aren't banks just interested in cutting the cost of fraud?
Håkan Nordfjell. Online banking is about more than cost cutting. Banks are just waking up to the potential for increased revenue and new business opportunities in the online arena. In this context, online security is not just a cost of business to be weighed against losses to fraud. Bank innovation and vision lead the way but trust and security form a barrier; customers will only use the online channel if they trust it. But it will only work if banks change the way they build a business case for trust and security.
In this context, banks need to re-evaluate their cost-benefit calculations for online security. If they only count the cost of fraud they will miss the bigger picture. Poor security has a significant opportunity cost. Banks should focus on the benefits of moving a customer online and getting them to buy more when they get there. Increased security makes each customer more valuable and more profitable.
Isn't a bit of a chicken and egg situation? Online innovation demands better security but banks won't put it in place if there are no immediate revenue or savings. How do you resolve this paradox?
HN. It's a common mistake to believe that current levels of bank security, and particularly static passwords, are sufficient and don't need to be improved. In reality, when security is poor, everyone focuses on the cost of fraud and the difficulty of developing new services in an insecure environment. This makes it hard to upgrade security and hard to develop new business opportunities. Instead, I think people need to do two things. First, they must understand the real cost of insecurity. Second, they need to see the benefits and opportunities created by stronger authentication.
People tend to think about the direct cost of the fraud; the losses to online criminals and the cost of reimbursing customers. But that's only the tip of the iceberg. There are big costs involved in understanding, detecting and preventing attacks and bigger costs to a bank's reputation. Victims assign some of the blame for security problems to their bank. For example, a recent survey in the US found that four in 10 businesses switched banks after suffering a fraud incident. Now the cost of fraud is the expected lifetime revenue from a disappointed customer.
How does better security increase revenues?
HN. You need a baseline of trust and security. Customers need to feel confident to transact with you online. Staff need to be free to focus on business development and service innovation rather than firefighting security problems. Once a secure foundation exists, can banks build new high-value services online.
The trend in Northern Europe is for branches to switch focus from low-value transactions, such as cash withdrawals and cheque deposits, to high value sales, such as loans, financial and business advice. The branch becomes a venue where bank can meet their affluent customers.
With the right security, banks' online portals can become an integrated part of this trend towards high-value, high-touch customer service. It can also increase commerce spending, take care of many more low-value transactions and enable completely new lines of business. If banks want to attract customers, up sell new services and out-compete their rivals, they need good security. It's not just a cost of business. It's good for business.
Håkan Nordfjell is the Chief Operating Officer at Todos, where he is responsible for Global Services and Operations. Todos helps banks and other businesses create trusted, secure relationships with their customers online. Todos was acquired by Gemalto in April 2010.