Creating Value from Mobile Banking

There are over 238 million mobile U.S. subscribers—an astounding 79% penetration rate—and mobile phones are now more pervasive than the Internet. The convenience of anywhere, anytime access is indeed a powerful driving force behind mobility’s growing popularity—and now people want to do more than simply talk on their mobile phones.

People want to use their mobile phones for mobile banking and payments, and the potential is vast. According to MQA Research, 49% of customers would use a mobile banking and payments application; eMarketer reports that 40% of U.S. adults would manage bank accounts from mobile phones. A Visa study shows that 61% of 25-34 year-olds are interested in making purchases with their mobile phones.

The time is right for mobile banking. A recent Online Banking Report, Mobile Banking & Payments 2.0, points to several factors which positively affect the prospects for mobile banking:

1. It works on most phones: Virtually all phones sold today can handle text-based mobile banking, and 88% are Web-enabled.
2. The youth movement: The majority of younger cell phone users already use text messaging, with adoption currently standing at 70%.
3. It has a business case: In the short term, mobile banking has the potential to increase fee income by serving as a core component of a premium online banking service. However, the biggest economic benefit of mobile banking is the deflection of voice calls away from the IVR and call centers.

As U.S. banks surge forward with plans for mobile banking, the focus shifts to consumer adoption. The challenge now is to build a valuable and convenient mobile banking solution which customers will use regularly.

Banks constantly update their online banking sites to enhance customer experience. A mobile solution should be treated no differently. As with online banking, customers will naturally gravitate toward a solution that addresses their needs, secures their confidential data and provides ease of use.

There are three fundamental approaches to mobile banking: 1) mobile browsers, 2) client applications and 3) leveraging existing phone software (e.g. SMS). The real question is: which one provides the most value, security and easily fits customers’ everyday needs?

Mobile Browsers

With the growing popularity of online banking, the use of mobile browsers for mobile banking seems to be a natural fit. In its recent mobile banking report, Javelin highlights numerous strengths of mobile browsers for this purpose, including a) no need for customers to download software, b) better browser capabilities from mobile network improvements, c) automatic updates for consumers, and d) familiarity of experience (similar to online banking experience).

Despite these strengths, mobile browsers also come with numerous problems.

• Form factor: Mobile browsers are inhibited by the small screen and the number of clicks that are often required to complete a task. Trying to make a tiny Web page both visible and easily navigable requires completely rewriting existing Web applications designed for the ample real estate on PC screens. Plus, the customer experience may suffer with lag times and dropped connections.
• Limited availability: Smartphones and PDAs compose less than 10% of the phones in use, and are sold at about that same rate. Additionally, many mobile phones lack mobile browsers, and not all users with Web/WAP-enabled phones have signed up for the more costly broadband data plans required.
• Vulnerability to attacks: Mobile phones lack the personal firewalls, anti-virus software and other protections common on PCs, so mobile browsers are susceptible to threats such as phishing, malware and man-in-the-middle attacks. Additionally, it is likely that all implemented protection mechanisms take place in the same session to the mobile device, never going out-of-band or crossing protocols. This is due to the synchronous mobile browser user interface and modality issues; in other words, going “out-of-band,” would require a user to close the browser session and switch to another application (e.g. voice or SMS).
• Cost factors: Data plan costs can be high with the current mobile network generation. Additionally, in a mobile web attack scenario, the user’s data plan pays for the cost of the attack, so there is no financial disincentive for the attacker.
• Credential risk: User credentials are constantly exposed with mobile browsers, as the user must sign in for every mobile banking session. This is the same exposure that exists with the online banking channel.
• Customer-initiated only: The use of a mobile browser makes it impossible for the bank to initiate communications with the customer. This is due to the fact that the mobile phone’s interface is single-threaded, and therefore the application can not run constantly in the background.

These myriad issues represent serious barriers to adoption.

Client Applications

Some vendors are now providing solutions that employ downloadable client software. This approach brings several benefits as well, including a) the ability for customization, b) a high level of branding and c) lesser charges for data plan access compared with mobile browsers.

However, this approach also comes with its own set of problems:

• Operational Challenge: Forcing users to download, install, learn and gain familiarity with a custom application complicates the rollout and ongoing support. To address this problem, various carriers are now beginning to pre-install some applications, but the arrangement is limited to very few phones (and hence very few customers) and raises support issues (i.e. who does the customer call for support and product updates: the bank, the carrier, the software vendor or the phone manufacturer?). It takes only a few calls in to customer service to negate the return on investment of this offering.
• Limited Availability: With over 12,000 different handset configurations already in use worldwide, creating, deploying and supporting new software on mobile phones is an arduous task. There are currently 5 different mobile operating systems (Microsoft Mobil, RIM, Palm, Symbian, Linux), 3 different major application development environments (BREW, J2ME, Symbian) over 130 different hardware platforms and numerous carrier networks. The fundamental difficulties of developing applications to accommodate all of these mobile phone variations make widespread availability to all customers extremely difficult.
• Vulnerability to attacks: As an application running on the mobile phone without a personal firewall, anti-virus software or other protections commonly found on PCs, custom software is particularly vulnerable to malware.
• Cost factors: Because there are no widely-accepted standards for running client applications on mobile phones and thousands of different handset configurations to account for, developing custom client applications can be prohibitively expensive.
• Credential risk: Credentials are exposed whenever the user signs in for a mobile banking session. Additionally, many users may opt to configure applications with convenient features such as auto-login, but these leave the user’s account vulnerable should the phone be stolen or lost.
• Customer-initiated only: As is the case with mobile browsers, it is impossible for the bank to initiate communications with the customer as the mobile phone’s interface is single-threaded, and therefore the application can not run constantly in the background.

Leveraging Existing Phone Software

A third approach utilizes the messaging software that already exists on mobile phones, and that customers are already familiar with and comfortable using. No download is required and the learning curve is practically non-existent, because it leverages the short message service (SMS, or text messaging) or email applications built into mobile devices. Pre-installed multimedia software can even be used to provide a richer user experience in concert with the messaging functionality.

This approach is readily available to all customers, because it works on virtually every mobile phone, regardless of manufacturer, model or carrier. And it utilizes one of the fastest growing communication mediums available: Gartner estimates 1.5 trillion text messages will be sent in 2007, and predicts this will grow to 2.3 trillion messages by 2010. Further, the cost associated with sending text messages is a fraction of data plan costs for running micro-browsers or custom applications.

Another important differentiator is the capability for 2-way communication. Messages can be initiated by either customers or banks – allowing customers to access their account information and enabling banks to deliver outgoing messages to customers via low-balance alerts, credit fraud warnings and other time-sensitive notifications, along with marketing campaigns for customer acquisition and retention.

This 2-way capability dramatically improves customer service. In addition to account access, banks can offer enhanced 2-way customer interaction services. For instance, customers can avoid waiting on hold by simply sending a text message to automatically get placed in the bank’s call center queue.

Leveraging existing software is secure because the intelligent platform resides behind the bank’s firewall and seamlessly integrates with the many systems of record required to fulfill all current and potential use cases. User credentials are never put at risk, because confidential information is never exposed during transport nor stored on mobile phones. Out-of-band confirmation and multiple factors of authentication – even down to the transaction level – provide strong security and make this approach impenetrable to fraudulent attacks.

It Comes Down to Value

Ultimately, the key is value. Leveraging existing software is the only approach that provides customers with the convenience, security and ease of use to integrate mobile banking into their daily lives. For banks, it reduces costs from other customer interaction channels – particularly IVR and call centers – effectively paying for itself in a few months.

Mobile banking can only succeed with widespread customer adoption. Getting customers to use a mobile banking solution as a regular, everyday tool is where the real value exists for banks and their customers.