Mobile's Role in Improving SecurityHow Mobile Integration Boosts Cross-Channel Fraud Detection
"Banks can play offense, to use mobile in a justifiable way to engage customers into their security," Van Dyke explains during this interview with Information Security Media Group [transcript below]. "They can actually use mobile to stop security threats in all channels" if they can get outside their standard box of thinking, he says.
The problem for most companies is that their departments and expertise are siloed. Even among fraud and security teams, a number of silos can exist that hinder cross-channel information sharing that could greatly benefit fraud prevention, Van Dyke says.
During this interview, Van Dyke also discusses:
- Why banks and credit unions don't have a realistic perspective about how consumers perceive mobile financial services;
- Steps the industry must take to create a real roadmap for future mobile payments use and adoption;
- How the U.S. lags other markets in mobile adoption.
Van Dyke is a thought-leader in electronic commerce with more than 20 years of experience. He has held key management assignments in strategic planning; market research; product management; market analysis; product and service launches; communications; technology evaluation; alliance and partner management; and distribution channel development with organizations ranging from start-ups to Fortune 100 corporations. Van Dyke has made presentations to the U.S. House of Representatives and at numerous industry events.
TRACY KITTEN: Can you give us an overview of the mobile banking adoption rate among consumers in the U.S.?
JIM VAN DYKE: Our data shows that by the end of this year nearly half of all U.S. adults will use mobile banking, and that is 108 million people.
KITTEN: How does mobile payments' adoption compare among U.S. consumers?
VAN DYKE: Mobile adoption, according to multiple sets of data that we've been fielding since 2002, [is] interesting. I like to say to people, "We should stop asking when mobile payments arose." It actually showed up on our data as being statistically significant about a year and a half ago. It exists now, though it is very, very small. Depending on how you define mobile payments, it's either fairly mainstream in methods of payments, like transfers and even bill pay for many people who are commuters on trains and things like that. In the area of proximity payments, it's extremely low. So, out of the $60 billion [worth of payments] in the U.S. last year that were represented [in Javelin's research], mobile payments' real usage [was] just $3.1 billion of that.
U.S. vs. Global Market
KITTEN: Is the U.S. behind other global markets where financial services that are provided by a mobile platform are concerned?
VAN DYKE: We are definitely behind most first-world markets in the availability of the technology on the part of issuers or merchants. Some of the great technology providers come out of the U.S., but their technology ends up being adopted or deployed elsewhere. If you look at things like EMV, or how much regulation is trying to find opportunities ... I think we're really behind in our strategic frameworks that represent specific capabilities.
KITTEN: What seem to be the primary hurdles in the U.S.?
VAN DYKE: [It depends] on what model will be followed by consumers in mobile payments, since mobile banking is moving along just fine for the most part. We still have a number of banks that identify in their scorecards that for mobile services to their under-banked consumer groups, they will never access their accounts online. Yet they'll require those same customers to go online to apply for mobile access; so, instantly they are blocking customers from using it. Certainly EMV is a challenge, assuming that EMV becomes a primary transaction method. But that is real difficult. We're actually getting ready to make an announcement on some data that we think will help clarify some of those EMV challenges. I think a primary misunderstanding around how fraud will be impacted by mobile is really holding us back in the U.S., which is a shame, because it's avoidable if people just understand the data and the trends.
Banks and Mobile Security
KITTEN: Why is mobile security still so perplexing to so many banking institutions?
VAN DYKE: I think the reason mobile security is so perplexing to many financial institutions, as well as leading merchants, networks, government entities and some of the technology providers out there, is that they're working within their own silos. So they are like kids on the playground, but these kids are experts in fraud or marketing or security, separate from fraud, and they're not working with their counterparts in other specialties. We see it happen all the time. And the great equalizer here can be a common set of data that looks at fraud vectors and security vectors as two separate things. But there is a marketing opportunity to improve acquisition and loyalty. Look at the customer's current and desired behavior across channels. You can do all that, as complicated as it sounds, with real data. How can we turn this mobile security argument on its head? Banks can stop exclusively playing defense and instead play offense and use mobile justifiably as a way to engage the customer, which is what the customer wants. Customers want to be involved in their own security, and we have data to show it in a way that not only stops more mobile security threats but uses mobile to stop security threats and fraud threats in all channels.
Roadmaps for Mobile Adoption
KITTEN: Would you say that groups like the Financial Services Roundtable have offered enough for banking institutions to develop adequate roadmaps for mobile adoption?
VAN DYKE: Without speaking about any one particular group, no, we do not yet have enough being done. The advice that I see, in general, is not fact-driven. Sometimes, for example, they are based on really great government studies; but the government studies on fraud will never be less than two years old. Two years old might as well be a 1,000 years old in fraud. You can look at data and see the types of fraud that criminals are committing change on an annual basis. Even more frequently than that - quarterly, monthly and daily - fraud trends are changing and they need our direction to be fact-driven. We need to, again, stop playing defense exclusively, and use mobile to be an offensive player with the customer.
Sometimes, with some of the advice we see, [we] assume that customers don't want to be involved in their security. They don't want to have banks ask them to do certain things. People talk about just increasing friction; well, that is because of a poor implementation with insufficient usability or education. People want to know why they are being asked to do a particular thing and how that will actually make them tangibly safer. So with the right efforts, if we improve them, because I believe they need to be improved, then we can engage the customer. It could be the kind of profit-driving strategies that really unify all the critical leaders within one particular bank.
Changes in Fraud
KITTEN: Are there any additional thoughts about your research that you would like to leave our audience with?
VAN DYKE: I will just mention, again, how much fraud changes on an annual basis. Whether banks, networks, vendors, security providers or whatever it is, if you're working from a belief where you think the greatest versus the smallest fraud risks are out-of-date, your priorities can't be as effective as they could. So, for example, last year we saw a sharp drop in the amount of new account fraud threats. That is what some call the purest form of identity theft; but, correspondingly, we saw a dramatic increase in existing account fraud, which is within card accounts opened by the bona fide cardholder and other account. The pattern of fraud is really changing from year to year. That gets to be very relevant to any organization, because you can then benchmark what you see going on with your own customers from your own data. Is everybody else experiencing improvement in an area that we're losing ground in? Or are we actually above parity, which is something that a team should know and be proud of? People should let their boss know as well so they can continue to get funding for the strategic initiatives that will drive overall bank profitability.