Retail financial services institutions are at crossroads. On the one hand, they need to generate business from new and existing customers and on the other, they need to cut costs. Failing at either of these goals could severely impact an institution's ability to survive. So what can financial institutions do? New Web 2.0 widgets just might provide a novel way to succeed at both.Reports show that more people are increasingly active online on both PCs and mobile devices. Concurrently, new tools allow people to do more online. Social networking tools, like Facebook, allow people to reach out and connect as never before. Desktop and web-based widget frameworks such as Vista Sidebar, Yahoo Widgets and iGoogle now allow users to highly-personalize their online experience, getting updates from everything like news, sports and weather to specialized news feeds in health, finance, and travel. And now mobile frameworks, like those available for iPhone, Blackberry, and Android, provide similar update capabilities. Smart financial institutions are embracing these widget frameworks to capture customers in the places they are already spending their time.
Paradoxically, as the online consumer experience flourishes, the number of people banking online is not growing. In fact, according to one analyst group, it may even be shrinking. While another study has shown that online bank customers are using the online channel more since the recent economic downturn, the total number of online and mobile customers has been disappointing. In fact, the tktal number of mobile bank customers today hovers at around 7 percent of mobile subscribers, by some estimates.
With so many people online, why can't banks effectively reach their customers? Certainly, part of the reason is due to information overload, with consumers having less time and patience for all those vying for their online attention. Navigating to a customer portal, then locating the desired services in complex web pages is time consuming. As such, most consumers visit the portal only when absolutely necessary. By making customer interactions simpler and smoother, banks could build their customer base while increasing online business volume.
Widgets are uniquely suited to simplifying the customer experience. In fact, it is partly the consumers' positive experiences with widgets that are fueling their expectations for banking convenience and availability. Financial institutions can bridge this expanding online customer experience chasm if they can be assured that widget-based banking is secure and available in the places where customers spend time.
Yet providing retail online banking services via secure widgets is not simple. Widgets are consumer tools that are designed to be open, ubiquitous and scalable, but not necessarily secure. As such, they are not typically used to handle secure data, like credit card charges, account balances and a list of recent financial transactions. And for good reason-emerging Web 2.0 threats such as Cross-Site Scripting, Cross-Site Request Forgeries, sophisticated phishing, injection attacks, and more threaten to spoil the party before it gets started. To counter these threats, banking technology experts need to verify that:
• Consumers see only information they are authorized to see. • Consumers are not able to share data with unauthorized users. • Information en-route to customers is not visible to third parties, is not stored on third-party servers and does not traverse public infrastructure un-encrypted. • Attackers cannot comprise sensitive information by exploiting open, consumer technologies. • Attackers cannot initiate new phishing schemes.
To fulfill these requirements, each of the following security capabilities must be incorporated into any viable offering:
• Authentication and identity management; • Access control; • Widget provisioning and preventing phishing attacks; • Defending against Web 2.0-specific threats; • Securing client vulnerabilities, such as Injection Flaws and Anti-automation attacks.
Financial institutions also need to consider how they will support the many different widget frameworks available, particularly since each presents a unique set of technical characteristics. For example, there is very little overlap in the efforts needed to create and deploy a native iPhone application, a Vista Sidebar gadget, and an iGoogle web page gadget. In order to do business with customers "anytime, anywhere," financial institutions must support them all, and the user experience across all platforms must be identical.
Security and supporting multiple widget frameworks represent two of several key issues to consider when rolling out an online and mobile widget offering to financial services customers. On the other hand, the business value of such an offering is so great, that it makes sense for financial institutions to explore the opportunity.
For more information about financial services consumer widgets, download this free report entitled "Web 2.0 Financial Services Online and Mobile Widget Strategy: A Roadmap".
David Lavenda is VP of Marketing & Product Strategy with New York-based WorkLight, a company that develops secure software to help businesses use Web 2.0 tools.