How to improve CX without sacrificing security
Social distancing has shifted staff to home working and prompted more widespread use of internet-based resources to deal with a surge in client contacts. This last point has been an ongoing trend for many years, particularly within retail banking, but it is now clear that as society becomes more comfortable with internet-based transactions, the whole sector must focus on how to improve the experience without sacrificing security.
According to the World Retail Banking Report 2020 (WRBR) published in June by Capgemini and the European Financial Management Association (EFMA), over half (57%) of consumers now prefer internet banking, up from 49% pre-COVID-19. The move to e-banking is increasingly fuelled by the online experience and the desires of millennials rather than physical location of branches. The 2019 Consumer Digital Banking Survey from PwC, found that: “One out of two consumers over 35 chooses a primary bank based on the local presence of a branch or ATM. This falls to 30% for consumers under 35. Additionally, this younger demographic values recommendations from friends and family more than from a bank, with more than 50% of consumers under 35 saying they will open a primary bank account based on a trusted referral.”
Finserv is an area where many are turning to customer identity and access management (CIAM).
These data points make the customer experience of critical importance, yet financial services may trail behind retailers such as Amazon or social media giants such as Facebook when it comes to building an engaging experience. This is an area where many are turning to customer identity and access management (CIAM).
The concept is often pigeonholed as a “cyber security” component and this is most evident in areas such as smartphone apps secured by biometric fingerprints, or multi-factor Authentication to secure identity and prevent fraudulent transactions. However, CIAM is shaking off this stereotype to focus on elements such as how data is exchanged between different applications within a service to reduce friction and annoying inconsistent experiences across channels that plague e-banking.
Some of these new techniques are being borrowed from the world of ecommerce where retailers have recognised many of the roadblocks that lead to shopping basket abandonment – and consequently – fewer sales. For example, applying for a financial product that requires an existing and registered user to fill out an additional online form that requests replicated data that they already supplied when applying for the account will undoubtedly lead to fewer applications.
This is a common complaint that is due to service aggregation platforms that are merely acting as sales agents to push a customer to another service provider – but not – passing the prospects details over with the lead. Other, similar issues include forcing multiple identity checks as users try to access different parts of a financial service that may have been bolted together via different systems – that may well have separate login requirements.
Each time a customer is challenged with usernames and passwords – there is a slight drop off in successfully completed transactions. It might only be a few percentage points, but when scaled out to millions of transactions – this leads to a significant loss of potential revenue. And lowering of customer satisfaction.
Part of the issue is technology, which is further complicated by compliance requirements. Dealing with the former; financial services tend to have a lot of applications and many of these core platforms are highly bespoke. Many organisations are naturally cautious about extensive redevelopment to add functionality, so a spider web of bolt on separate apps and functions exist that make core changes quite difficult.
Another technical hurdle is data exchange between different organisations. Although this situation is improving with the progression of the EU led Open Banking Standards, not every organisation has reached the same level. Take General Data Protection Regulation (GDPR) consent as just one example. Collecting consent is not difficult but having a centralised system that enforces these rules is more challenging. When sharing data with third parties, an organisation should be able to make decisions at a granular level including which data has consent been granted? which data does this third-party app need? And what additional organisational data needs to pass alongside the customer data to fulfil the request?
To meet this challenge, a number of organisations in the UK are utilising CIAM as a kind of abstraction layer that can sit between applications to manage how data is secured, parsed and exchanged between internal applications and external third parties. This approach makes it easier on development teams as the core applications don’t need to be rewritten and policy changes such as applying consent or anonymisation, can happen and adapt at the CIAM layer.
CIAM is not a magic bullet and there are still some hurdles, especially with older, legacy applications that may utilise high propriety communication protocols. There still needs to be some untangling of how applications integrate and what data must be shared or withheld to meet service delivery aims and regulatory constraints. The newer challenger banks and non-traditional finserve providers with less legacy systems are better placed to overcome these issues and consistently do well in Net Promoters Scores (NPS). In 2018. First Direct, a dedicated online bank was ranked by 62% as having a “Good digital banking service” – a whopping 22% higher than its parent company HSBC.
With more organisations, including retailers, telecoms providers and even social media giants looking to move into financial services provision, making the customer experience seamless and engaging is set to become the deciding factor for success for the industry. Improving security is a given, but without making every step of the journey easier, traditional banks will lose out to more agile and savvy competitors.
