Connect with us

Banking

PSD2 – the challenges facing the banks when it comes to third party application data access

Published

on

PSD2 – the challenges facing the banks when it comes to third party application data access

By Andrew Whaley, VP Engineering, Arxan Technologies

The next big challenge on the horizon for both the banking and cybersecurity industries comes from impending updates to the EU’s Payment Service Directive (PSD) coming into effect in 2018. The revised directive, known as PSD2, will enable bank customers – including both individual customers and businesses – to conduct their finances through third-party providers. The updated mandate is aimed at providing more flexibility and freedom to users, with customers essentially being able to mix and match individual solutions as they see fit, without having to transfer money from their original accounts to create new ones. This will extend to non-banking solutions as well, for example, paying bills or transferring money via social media.

Andrew Whaley

Andrew Whaley

Nevertheless, this increased flexibility does not come without some major security concerns. Despite Mobile OS’s actively discouraging the linking of applications to ensure data protection, banks are going to be obligated to provide application programme interfaces (APIs) to allow third-party providers access to their customers’ accounts. The only way the new directive will function effectively and securely, will be through the mobile banking application itself. However, the PSD2 does not specify how secure this access will be, nor, what risks will arise, and for who.

Integration and communication

As the PSD2 will only function securely through the mobile banking application, there has to be perfect integration and authentication between the banking and third-party applications sharing its data.

Mobile phone systems themselves actively discourage secure communication between applications because they prefer to keep each individual applications separate, in order to protect the privacy of the end user. No application is able to see what other applications are installed on the mobile phone because barriers have been put in place to avoid the mobile phone working as an interim solution. However, the PSD2 is looking to break these barriers.

The issue comes with the connection between the banking app and the third party app, a point at which attackers can intercept data going from one to the other, or plant malware. Guaranteeing secure integration, authentication, and communication between the two applications on the mobile device is no simple task. The desired end is to ensure that completely secure communication occurs so that at no point can either of the applications be manipulated, nor data leaked. However there is great complexity associated with guaranteeing secure integration between the two applications on the endpoint – predominantly on a mobile phone or tablet. If an attacker is to intercept the communication, it is possible for them to create a malicious version of the application and discreetly access bank account data.

Who holds responsibility?

Unfortunately the onus mostly falls on the banks, with further effect on their customers. It is the customer that will have to authenticate on the third party application, be it Facebook, Twitter or any other mobile app, providing it with permission to access their bank account information. The third party application will then call over to the banking app for permission to access the user’s bank details, leading the banking application to request permission for the third party application to have ongoing access. The customer will then have to confirm and authenticate this request.

Grey areas

The PSD2 contains a number of grey areas, some of which will worry the banks, and others more their customers. Unfortunately, while the directive seems to lay down the law for what it wants the banks to do it, does not specify how any of its mandates are to be achieved. With regard to the APIs, the PSD2 has not proposed a standard as such. This means one bank could publish one set of APIs, while another could publish another completely different set of, leading to a need for different authentication and communication between the mobile applications. This would then create problems when it comes to consuming these APIs as, depending on which bank the customer has their account with, the third-party application through which the account is being accessed will potentially have to build a different adapter and a different API to access the required data. This is mostly an issue for the customer as it may prevent them from being able to access their data through the application they want to use. Additionally, customers may feel their banking data is no longer secure, effecting the reputation of the banks.

PSD2 is quite clear that the banks are still responsible for the ownership, safety and confidentiality of their customers’ account data. The only way the banks can counter this is to implement the technology and counter measures that they already have in place in their mobile applications. They will basically have to force an authorisation through the app which should then mean they will be able to directly communicate with the end user at the point before the third party application has been given any access to the data.

What can be done? 

As mentioned, a big problem with the PSD2 mandate is there is no technical detail over how the banks will securely publish their APIs. The best solution for this would be to instigate a call to action for all the banks to club together and establish mutual standards over how to secure the API, how to secure the authentication, as well as what their code of connection will be, for anyone that wants to use it. This will give a general framework for everyone else to work towards, encouraging harmony across the banking industry.

Unfortunately standards like these will not come into effect immediately, meaning they will not have been established when the directive is implemented in January of next year. Although introducing such a framework will be the most effective solution, in the meantime there are solutions available to provide protection for both the banking applications and the third party applications looking to integrate and access bank customer account data.

Banking

The future of offshore banking

Published

on

The future of offshore banking 1

By Granville Turner, Director at Turner Little.

Despite its misconceptions, the popularity of offshore banking is growing. Not only is it a perfectly legal way of holding your money, but with the right professional advice, it is also reassuringly simple to open an account.

This ease-of-use is prompting many offshore banks to change their offering to compete and make overseas banking even more accessible. No longer is it limited to just the super-rich.

So, what does the future look like for offshore banks? We’ve compiled a list of the top fundamental changes happening in the realm of offshore banking.

Catering to niche markets is the future

Rather than managing account holder’s money in general, offshore banks are tapping into how they can best serve different demographics. Essentially, it is about taking a more bespoke approach to managing money at various stages of life.

But catering to a variety of markets doesn’t just stop there. Many overseas banks are now accepting crypto as a form of currency to appeal to digital, tech-savvy generations.

Cryptocurrency is also attractive for those who see the security benefits it can offer.

Paper chains are fast becoming a thing of the past

As banks move away from paper in favour of digital, security is on everyone’s minds. This is because information is an important asset to many businesses, so protecting it is vital. As such, banks are securing data with the most vigorous encryption security standards.

For account holders, this means digital bank transfers and communication become less of a risk and the smarter thing to do. Paper chains are fast becoming a thing of the past.

Instant access, day or night

In today’s digital world, you don’t need to travel overseas to open an offshore bank account; everything can be done online or over the phone. And like most UK standard current accounts, many offshore accounts now offer online and mobile banking features. So account holders can manage their offshore finances and investments while transferring funds with ease.

Branchless banking

Offshore banks are following the same route of challenging onshore banks by going branchless. This offers substantial benefits for account holders, as branchless offshore banks don’t pass on as much overhead costs to the customer. Ultimately, this means customers can earn better interest rates and other returns on their investments.

Happy to help

At Turner Little, we work closely with offshore banks to provide you with quality service tailored to your needs. With over 20 years of international banking experience and specialist expert knowledge, we will assist you with your enquiries, no matter how complex. And every account we arrange comes with internet banking, card facilities and the ability to transact internationally.

Continue Reading

Banking

Hong Kong’s First Multi-Cloud Challenger Bank Goes Live with Temenos

Published

on

Hong Kong’s First Multi-Cloud Challenger Bank Goes Live with Temenos 2
  • WeLab Bank designed, built and launched using cloud-native Temenos Transact in less than 10 months
  • WeLab offers next generational digital services for the 7.5m people in Hong Kong to access from their mobile phones
  • Customers can open accounts remotely in just 5 minutes with bank reporting 10,000 account openings within 10 days of launch

Temenos (SIX: TEMN), the banking software company, today announced that WeLab Bank, Hong Kong’s first homegrown virtual bank, has publicly launched using cloud-native Temenos Transact to provide a range of next generation digital services for customers to enjoy 24/7 from their mobile phones. Designed, built and launched in less than 10 months, the fully digital bank has seen rapid take up with a reported 10,000 account openings within the first 10 days of launch.

WeLab Bank is powered by cloud agnostic Temenos Transact for core banking along with Temenos Analytics and Financial Crime Mitigation. Implemented on Amazon Web Services and Google Cloud, WeLab is the first multi cloud digital bank in Hong Kong. Operating on multiple clouds at the same time gives WeLab increased operational resilience and disaster recovery capability and is a regulatory requirement of the Hong Kong Monetary Authority for new digital banks. According to the Economist Intelligence Unit 2020 report for Temenos, 81% of global banking executives surveyed believe a multi-cloud strategy will become a regulatory prerequisite.

Developing a cost-effective and scalable core banking solution was paramount for WeLab. Temenos cloud native software is built for the digital age using API-first and DevOps principles and engineered to deploy in containers and microservices. This makes it easy for WeLab to scale for future business growth efficiently and eliminates the need to provision for peak processing volumes so that the bank only pays for its actual usage, yielding significant cost savings.

Critically, with NuoDB the solution delivers a cloud-agnostic, distributed relational database that enables WeLab to deploy an active-active on-demand database across multiple cloud providers with near zero downtime failover.

Temenos Transact is a preconfigured system and so requires very little coding and with Temenos model bank to address local practices and regulations, WeLab was able to bring its service to market faster and extend its innovation with more than 400 out-of-the-box APIs.

With Temenos, WeLab bank is set to transform banking in Hong Kong. In as fast as 5 minutes, customers can remotely open a WeLab Bank account with $0 monthly fees and start enjoying differentiated services such as time deposits with competitive rates, an interest-bearing deposit account with an instant virtual Debit Card, and real-time payments powered by Faster Payment System (FPS). Everything can be done on a mobile phone, simply and effortlessly.

Adrian Tse, CEO at WeLab Bank, commented: “WeLab Bank was born from an initiative to reimagine the banking experience for the 7.5 million people of Hong Kong. From the start, we knew this vision needed the most advanced cloud native technology and a partner that shared our vision for digital transformation. With Temenos we have efficiently built WeLab Bank from scratch, free from any legacies, with innovative features that proactively help customers to take control of their money and their financial journey.”

Max Chuard, Chief Executive Officer, Temenos, said: “Congratulations to WeLab Bank on the launch of their trailblazing new digital bank. Building and launching a licensed bank in such a rapid timeframe is a fantastic achievement and we are proud to have supported them in becoming the first multi-cloud digital bank in Hong Kong. Temenos cloud-native, cloud-agnostic strategy means we can satisfy the needs of the most innovative and ambitious neobanks like WeLab Bank to run on multiple cloud providers. We know this is just the beginning for WeLab and we are excited to be part of their story as they revolutionize banking for people in Hong Kong.”

Bob Walmsley, CEO of NuoDB said: “We are excited to be partnering with Temenos to help WeLab Bank achieve their aggressive launch timelines and deliver innovative banking services to its customers. We were inspired by the technical vision of WeLab and knew that executing an on-demand, multi-cloud strategy was a perfect fit for NuoDB. Our enterprise-class, distributed SQL database combined with Temenos’ cloud-native technology helps banks of all sizes around the globe migrate to the cloud to improve agility and reduce costs.”

Continue Reading

Banking

The Bank is Where the Heart Is

Published

on

The Bank is Where the Heart Is 3

By Nick Barnes, Practice Director, Financial Services & Customer Success at JRNI

When unexpected events occur, people turn to their banks to provide a sense of trust, security, and stability. They need to be available anywhere, anytime, and from any device. As it’s a business based on trust, one-on-one communication is key.

With the world still emerging from the COVID-19 crisis and endeavouring to avert a possible second wave, every country, state, and region has their own unique requirements. Plus, every customer or member has their own demands. Experts and pundits have discussed a new normal, but what’s normal for now involves keeping customers and employees safe while also providing the same sense of stability as before.

For banks, building societies and credit unions, the main concerns include how to maintain personal relationships amidst social distancing; how to be available at any time on any device; and how to provide a sense of calm and security amidst the chaos.

Adapt or fall behind

Customers are quickly learning which of their service providers are adapting best to this new world. Are financial services providers like banks and credit unions adapting, or falling behind?

Finances are a highly personal topic, and often, illogical or emotional. Will I have enough? Will it be available when I need it? It is always a hot topic of conversation, but especially during a pandemic when unemployment rates are rising, and the economic landscape is unsettled. In the past, a customer could walk into the bank, have a reassuring conversation with a representative and move on.

So, how can banks help their customers through tough financial times during the current crisis, when in-person communication is nearly impossible? One solution is to provide helpful, personalized customer service through digital channels.

While in-person assistance will remain important after COVID-19, customers are looking for assistance now.   Banks are turning to remote video and voice appointments to boost customer satisfaction and meet customer expectations.

3 reasons to use remote appointments

1. To comply with social distancing

Our Modern Consumer Banking Report​​​​​​​ last year showed that when consumers visit branches, it’s primarily to talk face-to-face and ask questions/get help.  Research from Bain reinforces this, and emphasizes that “many retail banking customers think it’s easier to purchase through a human channel, or prefer to speak with an employee before buying a product.”

Due to social distancing measures, branches cannot be customers’ primary way of managing their finances during this pandemic. However, this doesn’t mean that customers aren’t interested in personalized attention that can be made available via video and voice.

2. To meet new demand 

Although spending habits may have changed, consumers are still making critical financial decisions during the COVID-19 pandemic.

Individuals: The financial effects of coronavirus are drastically different from one customer to the next. While some are counting down the days to receipt of their unemployment check, others may be taking advantage of low-interest rates to buy a house. Ultimately, banks and credit unions need to address each customer segment with a unique message and way of providing assistance.

Small business banking: Countless small businesses around the world have been forced to close their doors. Whether they’re needing loans, payment deferrals, or advice, small businesses are looking to their bank as a guide, and a comfort.

Investment management: A recession is upon us, and with that comes a new approach to investing. Financial advisors are fielding questions, providing recommendations, and staying up to date on the market. Beyond this, many are building entirely new strategies for their clients.

Regardless of customer type, it’s clear that each subset of customer needs help from their financial institution at this time.

3. To boost customer retention

​​​​​​​​​​​​​​Financial institutions cannot afford to lose customers during the pandemic, so customer retention is crucial.  Great customer service boosts customer loyalty, and research from Bain shows that loyalty is key to retention:

  • Customer loyalty increases revenue, and loyal customers are less likely to switch to a competing bank.
  • Customers who are a bank’s “promoters” recommend the bank to others as much as six times more than “detractors.”
  • A bank’s “promoters” spend one-quarter more than detractors on their primary credit card.

Ultimately, being able to connect with a customer in need using video or voice can give customers peace of mind and boost loyalty. Delivering personalized financial services without interruption is crucial.

Initial results from video banking show that consumers consider the service valuable. Phoenix Synergistics’ survey from December 2019 found that 17% of customers polled had used video chat through a website or app with their financial institution. Of those that had used video chat, 89% found video chat valuable.

Some suggestions for banks using remote video or voice appointments would be to: firstly ensure your solution is secure and doesn’t expose personal information outside of the conversation; secondly create a culture of consultation to alleviate outstanding fears; thirdly leverage appointment setting to allow customers to pre-schedule consultations and enquiries; finally include remote appointments as part of a wider suite of ‘touchless’ offerings.

The dos and don’ts for bank branches

Forty-three percent of banking customers have expressed their desire to change the way they bank due to the pandemic. As with retail and hospitality, several key customer segments have doubts about visiting physical locations and are transacting more remotely.

The challenge for banks is to make services available wherever customers want to bank – be it by phone, online, or in branch – and when it comes to any transaction, the key is to make customers feel cared for, heard, and secure.

With social distancing parameters in place along with other health and safety measures, there’s significant focus on the need to retool the branch experience. Here are a few suggestions as we move into that next stage of business and interaction:

DO: Have a plan.

Nick Barnes

Nick Barnes

Think about how customers will enter and exit each location. Plan for increased space between people in line, how to attend to at-risk customers, properly spaced lobbies, and waiting areas. Consider your employees and what they need in order to stay safe including break rooms with increased space between lounging areas, removal of shared snacks, availability of hand sanitizer and masks.

DO: Make sure you can effectively manage footfall.

Overcrowding will create fear and loss of trust. Make sure you have plenty of directional signage, crowd control measures, and staffing. Solutions including people counters, occupancy managers, and pre-booked appointments​​​​​​​ both allow for the throttling of traffic, and the ability to build in cleaning time.

DO: Hire the right team and staff adequately.

Being courteous and in control will be the most important ingredient to success. Have enough staff, you will need the extra hands to ensure that all staff is properly trained and ready to enforce new protocols.

Some customers will be understandably anxious going into branches, and some will want to feel that everything has returned to normal, so staff may need to be very firm and well-versed in a new operating style.

DO: Offer customers the ability to bank when and how they prefer.

We’re not suggesting that you remain open for 24 hours, but the goal is to make it easy for the customer. Adding the ability to set an appointment with a wealth manager or an advisor online will enable customers to bank from home, and will enable banks to provide the personalized service customers have come to expect.

Leverage online appointment confirmations to remind customers to have key documents available if they need them. Virtual solutions position the bank to serve as an advisor rather than just a financial institution.

DO: Demonstrate your commitment to a safe environment.

Use clear signage to convey the measures in place to ensure customer and employee safety. Make hand sanitizer or wipes available throughout the branch, and in all high-touch areas. Ensure cleaning supplies are visible, around doorways and ​​​​​​​near greeters to provide customers with an added sense of security. And make sure that employees are following every measure required of customers.

DON’T: Lose customer confidence.

If you are not prepared, it will show, and it will be very hard to gain back customer confidence once compromised. Social media will not be your friend. Forrester Research reports that 52% of US online adults prefer to buy from companies that demonstrate how they are protecting customers against the threats of COVID-19.

DON’T: Overcrowd or fill your branch to capacity.

Consumers are being trained to avoid crowds, so failure at the branch to comply could result in losing their business. Most physical locations are operating with fewer staff and accommodating 10 – 25% of the traffic once allowed. Keep in mind that you only have one opportunity to make a first impression on customers, and they’re looking to trust you have their best interests in mind.

DON’T: Understaff.

You will need to expect the unexpected and having more hands-on deck will prove to be beneficial in the long run.  Having the wrong staff, or those that don’t take the time to learn new operating procedures or feel comfortable telling that customer who won’t keep a mask on, may not be the best fit.

DON’T: Make it difficult for customers to do business with you.

Social distancing introduces a number of disruptions to the way you’ve traditionally done business. So limiting options to customers – providing no ability to bank online or via phone, not having a live customer service voice or chat option – is not going to help. In addition to making sure the services are available, it is imperative to communicate all options to customers.

DON’T: Assume someone else will do it.

Bank staff need to show that the branch is being tended to, cleaned between visitors, and before opening each day. It is important that staff jump in to help move customers safely through the branch, ensure their questions are answered and overall, take a proactive approach to service without assuming that a sign or another staff member will take care of it.  Customers will come to the branch, but gaining their confidence is everything. Don’t lose it by not being prepared. It will be very hard to win it back.

With the constant threat new restrictions in response to COVID-19 outbreaks, banks will need to take a long view on how they enable the operational flexibility that will be needed to adapt to fast-changing conditions.  As people prepare to live more risk-averse lives, banks will need to go the extra mile to ensure customers feel less wary about visiting in person whilst also offering a seamless experience for those customers who prefer to remain in the safety of their homes.  Those that manage to do so will emerge from the crisis with a sustainable advantage over their competitors.

Continue Reading
Editorial & Advertiser disclosureOur website provides you with information, news, press releases, Opinion and advertorials on various financial products and services. This is not to be considered as financial advice and should be considered only for information purposes. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third party websites, affiliate sales networks, and may link to our advertising partners websites. Though we are tied up with various advertising and affiliate networks, this does not affect our analysis or opinion. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you, or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish sponsored articles or links, you may consider all articles or links hosted on our site as a partner endorsed link.

Call For Entries

Global Banking and Finance Review Awards Nominations 2020
2020 Global Banking & Finance Awards now open. Click Here

Latest Articles

Want to serve your customers better? An effective online strategy is what financial institutions need  4 Want to serve your customers better? An effective online strategy is what financial institutions need  5
Business2 hours ago

Want to serve your customers better? An effective online strategy is what financial institutions need 

By Anna Willems, Marketing Director, Mention A strong online presence matters. Having a strong online presence, that involves social media...

The rise of AI in compliance management 6 The rise of AI in compliance management 7
Uncategorized2 hours ago

The rise of AI in compliance management

By Martin Ellingham, director, product management compliance at Aptean, looks at the increasing role of AI in compliance management and just...

Simplifying the Sector: How low code can aid digital transformation in financial services 8 Simplifying the Sector: How low code can aid digital transformation in financial services 9
Technology2 hours ago

Simplifying the Sector: How low code can aid digital transformation in financial services

By Nick Ford Chief Technology Evangelist, Mendix From online banking to contactless payments and Apple Pay, it has been well...

Why the Boom is Long Overdue (and Here to Stay) 10 Why the Boom is Long Overdue (and Here to Stay) 11
Business3 hours ago

Why the Boom is Long Overdue (and Here to Stay)

By Roger James Hamilton, CEO, Genius Group Virtually every aspect of our lives has been taken over by tech, so...

5 Sustainability Lessons That Are Crucial For Business Success 12 5 Sustainability Lessons That Are Crucial For Business Success 13
Business3 hours ago

5 Sustainability Lessons That Are Crucial For Business Success

By Michael Stausholm, founder of Sprout World (sproutworld.com) Sprout World is the eco-company behind the world’s only plantable pencil, with...

Why financial brands need to understand consumer vitality 14 Why financial brands need to understand consumer vitality 15
Business3 hours ago

Why financial brands need to understand consumer vitality

By Carolyn Corda, CMO at data consortium ADARA Our day to day lives have been turned upside down. Office workers have...

Why and how a modern marketing strategy should put customer experience first 16 Why and how a modern marketing strategy should put customer experience first 17
Business3 hours ago

Why and how a modern marketing strategy should put customer experience first

By Jim Preston, VP EMEA, Showpad In 2004, the Leading Edge Forum coined the term ‘consumerisation of IT’, defining a...

Leading from the front - why decision makers must embrace automation 18 Leading from the front - why decision makers must embrace automation 19
Technology3 hours ago

Leading from the front – why decision makers must embrace automation

By Jeppe Rindom, Co-founder & CEO, Pleo Ask any decision maker at a business about admin and you’re likely to...

Business first, not compliance only is the future for accountants 20 Business first, not compliance only is the future for accountants 21
Business4 hours ago

Business first, not compliance only is the future for accountants

By Peter Bracey, MD at Bracey’s Accountants.  The past few months have underlined the need for better business insight to reduce...

Why Continuity and Succession Planning is Crucial for Businesses Right Now 22 Why Continuity and Succession Planning is Crucial for Businesses Right Now 23
Business4 hours ago

Why Continuity and Succession Planning is Crucial for Businesses Right Now

By Chris Allen, a Chartered Wealth Planner at Arbuthnot Latham explains why it is crucial for businesses to review continuity and...

Newsletters with Secrets & Analysis. Subscribe Now