By Jodi Wadhwa, Vice President Marketing at Arxan Technologies
Today, smart phones and devices are increasingly gaining popularity with many consumers preferring to now conduct their financial transactions on the go. This can include anything from remote deposits, balance inquiries and easy money transfers to mobile peer-to-peer transactions, digital wallet transactions, mCommerce, or mobile payments. In fact, analyst house Gartner forecasted that the volume of mobile payment transactions worldwide will be at £140 billion this year and will grow to £429 billion by 2017; it is easy to understand why hackers would target this lucrative sector.
However, as mobile banking advances, unfortunately so does cyber criminal activity. Hackers come up with new ways every day to break into smart devices and steal sensitive information for their own financial gain. According to the June 2014 McAfee Labs Threat Report, new mobile malware (short for malicious software) has increased for five straight quarters, with a total mobile malware growth of 167 % in the past year alone.
It is clear to see that the ever-increasing adoption rate for mobile financial transactions, coupled with cyber criminals making it a target, makes digital banking and payment protection more of a necessity than ever. Banks are under immense pressure to keep their mobile banking apps safe and up to date, and in order to stay one step ahead of cyber criminals, mobile app developers must deploy critical code – such as jailbreak/route detection, security certificates, sensitive intellectual property, etc. – into “the wild,” to reside in distributed and untrustworthy environments for digital banking or payment apps. Many are doing so without application protection.
Malicious mobile apps
We recently conducted research into the top 100 paid Android and iOS apps, the top free apps on these operating systems, as well as the most used financial services and banking applications. The analysis revealed there is widespread and unfettered hacking of mobile applications on both Android and iOS, with financial apps proving a particularly attractive target for hackers.
As part of Arxan’s research we specifically focused on the 40 most popular financial apps to analyse and understand how pervasive application hacking is and the findings revealed that these apps are deeply insecure. Financial applications are an attractive target for attackers, given the high value associated with the data that they contain. Over half (53%) of Android apps had hacked or cracked versions that were available for download, with 23% on iOS.
As malware is a form of unauthorised code modification or tampering, hackers use specialised tools to target the mobile banking application itself and attack sensitive areas within the application code. They completely reverse-engineer the app back to the original source code and plant their malicious code, and before you can say “HEY PRESTO” the app has been repackaged and redistributed unto the app stores – now with embedded malware and unbeknownst to not only the app creators, but also users downloading the “new” (and not improved!) app.
Financial services app owners also will commonly deploy their products on multiple platforms to ensure their mobile services reach the majority of their total customer base. These high-risk apps, especially with regards to mobile banking and payment applications, require a much more diligent effort in order to protect the overall application from hacking and malware threats. In addition to the potential financial losses, a compromised payment app can have a major impact on consumer loyalty and confidence, and can ultimately have an impact on the share value of these companies.
Infected mobile banking apps
Unfortunately, it is safe to assume that there are already numerous cases of infected apps on countless devices, while a large scale advanced mobile malware attack is lying in lurk somewhere waiting to be activated. Given the magnanimous potential of affecting banking or payment transactions on millions of devices, business to consumer applications are undergoing standardisation on application hardening with run-time protection practices before they are deployed.
With that in mind, our research also revealed that critical exposures in the application’s code can progress code tampering or malware attacks. From customised Mobile App Assessments of financial services apps, we found binary risks in the tune of 100% for authentication exposure, 50% of apps had jailbreak detection code and crypto exposure, and 50% had payment exposure. None of the apps were yet deployed with application hardening protection.
Further, “rich apps” provide more functionality and user experience and hence these apps need to access sensitive data, include access policies for privileged users or enable the processing of valuable transactions. For example, in some banking applications there is jail-break detection, which provides a critical decision point that would prevent users from proceeding with certain high value transactions of the application on a device that has been compromised. However, once an attacker has been able to leverage hacker tools to analyse and reverse engineer the app to locate the jail-break detection code in source code, no matter how sophisticated its logic may be, it can usually be defeated by changing a few bytes in the code.
Ultimately, financial organisations bear an onus of protecting their assets, users and sensitive data against fraud, privacy and financial loss. As the proliferation of mobile devices continues and more financial services are available through dedicated applications, there is an increasing need for mobile application security to be considered and implemented in the development process. This protection is needed to secure the application at rest and runtime. Many organisations rush to get apps into the hands of consumers, and upgrade them to offer the new functionalities and other content driven by consumer demand. The unfortunate side-effect of this is that security often becomes an afterthought.
Developers need to start implementing “application hardening” techniques at the beginning of the app building process. Security processes need to be inserted within the app that will yield self-aware, self-defending and tamper-resistant applications to ensure that the application is highly resilient against hacker attacks and can independently be capable of detecting whether its own state has been compromised, and take remedial actions as needed. Basically security innovation must be kept in-step with the innovation in mobile financial services.
The future of offshore banking
By Granville Turner, Director at Turner Little.
Despite its misconceptions, the popularity of offshore banking is growing. Not only is it a perfectly legal way of holding your money, but with the right professional advice, it is also reassuringly simple to open an account.
This ease-of-use is prompting many offshore banks to change their offering to compete and make overseas banking even more accessible. No longer is it limited to just the super-rich.
So, what does the future look like for offshore banks? We’ve compiled a list of the top fundamental changes happening in the realm of offshore banking.
Catering to niche markets is the future
Rather than managing account holder’s money in general, offshore banks are tapping into how they can best serve different demographics. Essentially, it is about taking a more bespoke approach to managing money at various stages of life.
But catering to a variety of markets doesn’t just stop there. Many overseas banks are now accepting crypto as a form of currency to appeal to digital, tech-savvy generations.
Cryptocurrency is also attractive for those who see the security benefits it can offer.
Paper chains are fast becoming a thing of the past
As banks move away from paper in favour of digital, security is on everyone’s minds. This is because information is an important asset to many businesses, so protecting it is vital. As such, banks are securing data with the most vigorous encryption security standards.
For account holders, this means digital bank transfers and communication become less of a risk and the smarter thing to do. Paper chains are fast becoming a thing of the past.
Instant access, day or night
In today’s digital world, you don’t need to travel overseas to open an offshore bank account; everything can be done online or over the phone. And like most UK standard current accounts, many offshore accounts now offer online and mobile banking features. So account holders can manage their offshore finances and investments while transferring funds with ease.
Offshore banks are following the same route of challenging onshore banks by going branchless. This offers substantial benefits for account holders, as branchless offshore banks don’t pass on as much overhead costs to the customer. Ultimately, this means customers can earn better interest rates and other returns on their investments.
Happy to help
At Turner Little, we work closely with offshore banks to provide you with quality service tailored to your needs. With over 20 years of international banking experience and specialist expert knowledge, we will assist you with your enquiries, no matter how complex. And every account we arrange comes with internet banking, card facilities and the ability to transact internationally.
Hong Kong’s First Multi-Cloud Challenger Bank Goes Live with Temenos
- WeLab Bank designed, built and launched using cloud-native Temenos Transact in less than 10 months
- WeLab offers next generational digital services for the 7.5m people in Hong Kong to access from their mobile phones
- Customers can open accounts remotely in just 5 minutes with bank reporting 10,000 account openings within 10 days of launch
Temenos (SIX: TEMN), the banking software company, today announced that WeLab Bank, Hong Kong’s first homegrown virtual bank, has publicly launched using cloud-native Temenos Transact to provide a range of next generation digital services for customers to enjoy 24/7 from their mobile phones. Designed, built and launched in less than 10 months, the fully digital bank has seen rapid take up with a reported 10,000 account openings within the first 10 days of launch.
WeLab Bank is powered by cloud agnostic Temenos Transact for core banking along with Temenos Analytics and Financial Crime Mitigation. Implemented on Amazon Web Services and Google Cloud, WeLab is the first multi cloud digital bank in Hong Kong. Operating on multiple clouds at the same time gives WeLab increased operational resilience and disaster recovery capability and is a regulatory requirement of the Hong Kong Monetary Authority for new digital banks. According to the Economist Intelligence Unit 2020 report for Temenos, 81% of global banking executives surveyed believe a multi-cloud strategy will become a regulatory prerequisite.
Developing a cost-effective and scalable core banking solution was paramount for WeLab. Temenos cloud native software is built for the digital age using API-first and DevOps principles and engineered to deploy in containers and microservices. This makes it easy for WeLab to scale for future business growth efficiently and eliminates the need to provision for peak processing volumes so that the bank only pays for its actual usage, yielding significant cost savings.
Critically, with NuoDB the solution delivers a cloud-agnostic, distributed relational database that enables WeLab to deploy an active-active on-demand database across multiple cloud providers with near zero downtime failover.
Temenos Transact is a preconfigured system and so requires very little coding and with Temenos model bank to address local practices and regulations, WeLab was able to bring its service to market faster and extend its innovation with more than 400 out-of-the-box APIs.
With Temenos, WeLab bank is set to transform banking in Hong Kong. In as fast as 5 minutes, customers can remotely open a WeLab Bank account with $0 monthly fees and start enjoying differentiated services such as time deposits with competitive rates, an interest-bearing deposit account with an instant virtual Debit Card, and real-time payments powered by Faster Payment System (FPS). Everything can be done on a mobile phone, simply and effortlessly.
Adrian Tse, CEO at WeLab Bank, commented: “WeLab Bank was born from an initiative to reimagine the banking experience for the 7.5 million people of Hong Kong. From the start, we knew this vision needed the most advanced cloud native technology and a partner that shared our vision for digital transformation. With Temenos we have efficiently built WeLab Bank from scratch, free from any legacies, with innovative features that proactively help customers to take control of their money and their financial journey.”
Max Chuard, Chief Executive Officer, Temenos, said: “Congratulations to WeLab Bank on the launch of their trailblazing new digital bank. Building and launching a licensed bank in such a rapid timeframe is a fantastic achievement and we are proud to have supported them in becoming the first multi-cloud digital bank in Hong Kong. Temenos cloud-native, cloud-agnostic strategy means we can satisfy the needs of the most innovative and ambitious neobanks like WeLab Bank to run on multiple cloud providers. We know this is just the beginning for WeLab and we are excited to be part of their story as they revolutionize banking for people in Hong Kong.”
Bob Walmsley, CEO of NuoDB said: “We are excited to be partnering with Temenos to help WeLab Bank achieve their aggressive launch timelines and deliver innovative banking services to its customers. We were inspired by the technical vision of WeLab and knew that executing an on-demand, multi-cloud strategy was a perfect fit for NuoDB. Our enterprise-class, distributed SQL database combined with Temenos’ cloud-native technology helps banks of all sizes around the globe migrate to the cloud to improve agility and reduce costs.”
The Bank is Where the Heart Is
By Nick Barnes, Practice Director, Financial Services & Customer Success at JRNI
When unexpected events occur, people turn to their banks to provide a sense of trust, security, and stability. They need to be available anywhere, anytime, and from any device. As it’s a business based on trust, one-on-one communication is key.
With the world still emerging from the COVID-19 crisis and endeavouring to avert a possible second wave, every country, state, and region has their own unique requirements. Plus, every customer or member has their own demands. Experts and pundits have discussed a new normal, but what’s normal for now involves keeping customers and employees safe while also providing the same sense of stability as before.
For banks, building societies and credit unions, the main concerns include how to maintain personal relationships amidst social distancing; how to be available at any time on any device; and how to provide a sense of calm and security amidst the chaos.
Adapt or fall behind
Customers are quickly learning which of their service providers are adapting best to this new world. Are financial services providers like banks and credit unions adapting, or falling behind?
Finances are a highly personal topic, and often, illogical or emotional. Will I have enough? Will it be available when I need it? It is always a hot topic of conversation, but especially during a pandemic when unemployment rates are rising, and the economic landscape is unsettled. In the past, a customer could walk into the bank, have a reassuring conversation with a representative and move on.
So, how can banks help their customers through tough financial times during the current crisis, when in-person communication is nearly impossible? One solution is to provide helpful, personalized customer service through digital channels.
While in-person assistance will remain important after COVID-19, customers are looking for assistance now. Banks are turning to remote video and voice appointments to boost customer satisfaction and meet customer expectations.
3 reasons to use remote appointments
1. To comply with social distancing
Our Modern Consumer Banking Report last year showed that when consumers visit branches, it’s primarily to talk face-to-face and ask questions/get help. Research from Bain reinforces this, and emphasizes that “many retail banking customers think it’s easier to purchase through a human channel, or prefer to speak with an employee before buying a product.”
Due to social distancing measures, branches cannot be customers’ primary way of managing their finances during this pandemic. However, this doesn’t mean that customers aren’t interested in personalized attention that can be made available via video and voice.
2. To meet new demand
Although spending habits may have changed, consumers are still making critical financial decisions during the COVID-19 pandemic.
Individuals: The financial effects of coronavirus are drastically different from one customer to the next. While some are counting down the days to receipt of their unemployment check, others may be taking advantage of low-interest rates to buy a house. Ultimately, banks and credit unions need to address each customer segment with a unique message and way of providing assistance.
Small business banking: Countless small businesses around the world have been forced to close their doors. Whether they’re needing loans, payment deferrals, or advice, small businesses are looking to their bank as a guide, and a comfort.
Investment management: A recession is upon us, and with that comes a new approach to investing. Financial advisors are fielding questions, providing recommendations, and staying up to date on the market. Beyond this, many are building entirely new strategies for their clients.
Regardless of customer type, it’s clear that each subset of customer needs help from their financial institution at this time.
3. To boost customer retention
Financial institutions cannot afford to lose customers during the pandemic, so customer retention is crucial. Great customer service boosts customer loyalty, and research from Bain shows that loyalty is key to retention:
- Customer loyalty increases revenue, and loyal customers are less likely to switch to a competing bank.
- Customers who are a bank’s “promoters” recommend the bank to others as much as six times more than “detractors.”
- A bank’s “promoters” spend one-quarter more than detractors on their primary credit card.
Ultimately, being able to connect with a customer in need using video or voice can give customers peace of mind and boost loyalty. Delivering personalized financial services without interruption is crucial.
Initial results from video banking show that consumers consider the service valuable. Phoenix Synergistics’ survey from December 2019 found that 17% of customers polled had used video chat through a website or app with their financial institution. Of those that had used video chat, 89% found video chat valuable.
Some suggestions for banks using remote video or voice appointments would be to: firstly ensure your solution is secure and doesn’t expose personal information outside of the conversation; secondly create a culture of consultation to alleviate outstanding fears; thirdly leverage appointment setting to allow customers to pre-schedule consultations and enquiries; finally include remote appointments as part of a wider suite of ‘touchless’ offerings.
The dos and don’ts for bank branches
Forty-three percent of banking customers have expressed their desire to change the way they bank due to the pandemic. As with retail and hospitality, several key customer segments have doubts about visiting physical locations and are transacting more remotely.
The challenge for banks is to make services available wherever customers want to bank – be it by phone, online, or in branch – and when it comes to any transaction, the key is to make customers feel cared for, heard, and secure.
With social distancing parameters in place along with other health and safety measures, there’s significant focus on the need to retool the branch experience. Here are a few suggestions as we move into that next stage of business and interaction:
DO: Have a plan.
Think about how customers will enter and exit each location. Plan for increased space between people in line, how to attend to at-risk customers, properly spaced lobbies, and waiting areas. Consider your employees and what they need in order to stay safe including break rooms with increased space between lounging areas, removal of shared snacks, availability of hand sanitizer and masks.
DO: Make sure you can effectively manage footfall.
Overcrowding will create fear and loss of trust. Make sure you have plenty of directional signage, crowd control measures, and staffing. Solutions including people counters, occupancy managers, and pre-booked appointments both allow for the throttling of traffic, and the ability to build in cleaning time.
DO: Hire the right team and staff adequately.
Being courteous and in control will be the most important ingredient to success. Have enough staff, you will need the extra hands to ensure that all staff is properly trained and ready to enforce new protocols.
Some customers will be understandably anxious going into branches, and some will want to feel that everything has returned to normal, so staff may need to be very firm and well-versed in a new operating style.
DO: Offer customers the ability to bank when and how they prefer.
We’re not suggesting that you remain open for 24 hours, but the goal is to make it easy for the customer. Adding the ability to set an appointment with a wealth manager or an advisor online will enable customers to bank from home, and will enable banks to provide the personalized service customers have come to expect.
Leverage online appointment confirmations to remind customers to have key documents available if they need them. Virtual solutions position the bank to serve as an advisor rather than just a financial institution.
DO: Demonstrate your commitment to a safe environment.
Use clear signage to convey the measures in place to ensure customer and employee safety. Make hand sanitizer or wipes available throughout the branch, and in all high-touch areas. Ensure cleaning supplies are visible, around doorways and near greeters to provide customers with an added sense of security. And make sure that employees are following every measure required of customers.
DON’T: Lose customer confidence.
If you are not prepared, it will show, and it will be very hard to gain back customer confidence once compromised. Social media will not be your friend. Forrester Research reports that 52% of US online adults prefer to buy from companies that demonstrate how they are protecting customers against the threats of COVID-19.
DON’T: Overcrowd or fill your branch to capacity.
Consumers are being trained to avoid crowds, so failure at the branch to comply could result in losing their business. Most physical locations are operating with fewer staff and accommodating 10 – 25% of the traffic once allowed. Keep in mind that you only have one opportunity to make a first impression on customers, and they’re looking to trust you have their best interests in mind.
You will need to expect the unexpected and having more hands-on deck will prove to be beneficial in the long run. Having the wrong staff, or those that don’t take the time to learn new operating procedures or feel comfortable telling that customer who won’t keep a mask on, may not be the best fit.
DON’T: Make it difficult for customers to do business with you.
Social distancing introduces a number of disruptions to the way you’ve traditionally done business. So limiting options to customers – providing no ability to bank online or via phone, not having a live customer service voice or chat option – is not going to help. In addition to making sure the services are available, it is imperative to communicate all options to customers.
DON’T: Assume someone else will do it.
Bank staff need to show that the branch is being tended to, cleaned between visitors, and before opening each day. It is important that staff jump in to help move customers safely through the branch, ensure their questions are answered and overall, take a proactive approach to service without assuming that a sign or another staff member will take care of it. Customers will come to the branch, but gaining their confidence is everything. Don’t lose it by not being prepared. It will be very hard to win it back.
With the constant threat new restrictions in response to COVID-19 outbreaks, banks will need to take a long view on how they enable the operational flexibility that will be needed to adapt to fast-changing conditions. As people prepare to live more risk-averse lives, banks will need to go the extra mile to ensure customers feel less wary about visiting in person whilst also offering a seamless experience for those customers who prefer to remain in the safety of their homes. Those that manage to do so will emerge from the crisis with a sustainable advantage over their competitors.
Research exposes the £68.8 billion opportunity for UK retailers
Modelling shows increasing the proportion of online sales by 5 percentage points would have significantly boosted retailers’ revenues during the...
Want to serve your customers better? An effective online strategy is what financial institutions need
By Anna Willems, Marketing Director, Mention A strong online presence matters. Having a strong online presence, that involves social media...
The rise of AI in compliance management
By Martin Ellingham, director, product management compliance at Aptean, looks at the increasing role of AI in compliance management and just...
Simplifying the Sector: How low code can aid digital transformation in financial services
By Nick Ford Chief Technology Evangelist, Mendix From online banking to contactless payments and Apple Pay, it has been well...
Why the Boom is Long Overdue (and Here to Stay)
By Roger James Hamilton, CEO, Genius Group Virtually every aspect of our lives has been taken over by tech, so...
5 Sustainability Lessons That Are Crucial For Business Success
By Michael Stausholm, founder of Sprout World (sproutworld.com) Sprout World is the eco-company behind the world’s only plantable pencil, with...
Why financial brands need to understand consumer vitality
By Carolyn Corda, CMO at data consortium ADARA Our day to day lives have been turned upside down. Office workers have...
Why and how a modern marketing strategy should put customer experience first
By Jim Preston, VP EMEA, Showpad In 2004, the Leading Edge Forum coined the term ‘consumerisation of IT’, defining a...
Leading from the front – why decision makers must embrace automation
By Jeppe Rindom, Co-founder & CEO, Pleo Ask any decision maker at a business about admin and you’re likely to...
Business first, not compliance only is the future for accountants
By Peter Bracey, MD at Bracey’s Accountants. The past few months have underlined the need for better business insight to reduce...