WHY DO I NEVER RECEIVE SECURE EMAIL FROM MY FINANCIAL INSTITUTION?

Randy Lenaghan, VP at Echoworx

Email is one of the most widely used applications on the Internet due to its convenience, cost effectiveness, and time saving abilities. Because of its ubiquitous nature, email is open to many types of vulnerabilities.

The good news is, there are also many ways to protect yourself against email vulnerabilities. I want to focus on one very important vulnerability – how to secure confidential information in emails. The best way to ensure that confidential information sent in an email is secure – encryption. This should not come as a surprise to anyone who understands security technology.

So, I ask you “Why do I not receive encrypted communication from my investment advisor or my private banker?” Financial Institutions are essentially technology companies. They should certainly understand how encryption technology can be used to ensure privacy and maintain customer trust.

Sorry to say, encryption is rarely used by my Financial Institution when exchanging confidential information with me. When they send me a spreadsheet as an email attachment, to input my financials for a mortgage application – should it not be secure? Sending this type of sensitive data unencrypted through open email is certainly not a best practice but unfortunately it is a common practice.

Think for a moment of the regulatory compliance issues that could rear their ugly head or even the reputational risk that god forbid might unfold. Obviously this thought escapes them.

In addition to enhancing the trust between the Financial Institution and their customers, secure digital communication can play a key role in improving customer experience.

Again, I will use myself as an example. I recently committed to eliminate having physical statements and bills sent to me. Has this created an exceptional experience for me? NO. I am continuously frustrated by all the email I receive stating “Your monthly statement is ready, log onto our website to view”.

I can’t be the only one getting a ton of these annoying notifications. If it was one or two that would be alright but there are many. I don’t want to have to log onto to a website every time in order to view my statement or bill.  The password management alone gives me a headache. With an impending Canada Post strike my frustration has only heightened. In addition to the regular barrage of notifications, I am now receiving marketing emails telling me to come to their website to view my bill – I want this to stop!

Why can’t these statements be delivered in a way that makes it EASY FOR ME – via a simple encrypted email? Having access to this information in the same way I deal with my daily email would make it much easier. Organizations have been struggling to reduce the amount of physical statements and invoices they send via physical mail for over 15 years! It’s no wonder. I cannot believe more progress has not been made with e-statement/invoice/document delivery – safe to say – the way it is being done today does not improve my experience.

What are the reasons for the lack of using encryption for secure customer communication?   I have a few thoughts:

  1. Senders and recipients do not understand the very real risks of communicating confidential information in the clear.
  2. Encryption technology is not always simple to use. Often it tends to add overhead to the communication process. If it is not easy to use the sender and the recipient are reluctant to adopt it – even though they probably know they should.
  3. There are too many different solutions required in order to handle the different communication delivery use cases. By nature, we tend to avoid complexity.
  4. Poorly configured encryption technology can cause network latency. Speed of performance is essential for user productivity.
  5. Customer Communication Management companies have been slow to adopt and promote simple secure email communication.

There is a clear business need for a Software as a Service (SaaS) Enterprise Policy Based Encryption solution that is flexible, adaptable and easy to manage.

This solution must be simple for the sender as well as the recipient and available for smartphones and tablets. It should leverage social login integration to allow users to easily access secure email using credentials from trusted social sites such as Facebook, LinkedIn and Google. The solution should be flexible in how it can be deployed – public/private cloud, on premise or hybrid.

Secure customer communication is just one use case scenario for encryption, there are many others. This scenario however can have a profound impact on B2C and B2B relationships – both critical to business growth.

Encryption technology is a small but important piece of the digital transformation puzzle. It is a mistake to view encryption as something only used to satisfy compliance requirements – encryption can help transform the digital customer experience.

I am hopeful that, one day soon, my Financial Institution will come to the realization that they could substantially enhance the relationship they have with me by leveraging the right email encryption platform.