Below are interesting stories the Banking.com staff has been reading over the past week. What have you been reading? Let us know in the comments section below or Tweet @bankingdotcom.
- Websites that adapt on the fly
The days of online banking being limited to desktop computers are over. Modern consumers are increasingly interacting with their banks using mobile devices such as tablets and smartphones. Understanding the popularity and value of on-the-go banking services, a handful of financial companies are beginning to introduce websites with “responsive design” to optimize their digital resources across the online and mobile channels.
- Microsoft Joins FIDO Alliance Security Standards Group
The FIDO Alliance, a consortium of vendors promoting authentication standards that includes Google, PayPal, Lenovo, BlackBerry and Nok Nok Labs, announced a major new member today: Microsoft. The Mountain View, Calif.-based FIDO Alliance (FIDO is short for Fast IDentity Online) is creating a protocol that will let applications, browsers and servers speak the same language for authentication. This could become a universally accepted alternative to passwords, which are considered by most to be too easy to game and too hard to remember.
- Corporate Mobile Banking? Not So Fast
Capital One research suggests security concerns are delaying many business customers’ adoption of mobile for corporate banking, while there is growing interest in commercial cards and self-service capabilities. Fewer than half — 48% — of the finance professionals surveyed by Capital One at the recent Association for Financial Professionals (AFP) Annual Conference said their companies have plans to implement new treasury management tools and/or services this year. Those plans include implementation of corporate mobile banking for a relatively small portion — 12% — of the 68% of responding firms that do not already offer the service, according to Capital One.
- Weak Security In Most Mobile Banking Apps
Security experts this month tested 275 Apple iOS- and Android-based mobile banking apps from 50 major financial institutions, 50 large regional banks, and 50 large U.S. credit unions. Overall, they found that eight out of 10 apps were improperly configured and not built using best practices software development. Among the big-name banks whose mobile apps were tested by security firm Praetorian include Bank of America, Citigroup, Wells Fargo, Goldman Sachs, Morgan Stanley, Capital One Financial, and Suntrust Banks.
- Putting the Pieces in Place: LifeLock and Lemon Wallet
At first glance, LifeLock’s $42.6 million acquisition of Lemon may not seem to fit quite right. To some it may appear that LifeLock is buying access to Lemon Wallet’s user base, but an app with 3.6 million downloads does not justify that kind of investment on its own. As for LifeLock getting into the mobile payments game, the last thing the market needs is another also-ran. Fortunately, all is not as it seems because LifeLock may have actually found a way to avoid the rampant customer turnover which has been plaguing the identity protection industry.
- Bank Opportunity #307: Online/Mobile Gift Cards
Regardless of the form factor, a favorite holiday gift is money. Some people like to give crisp 20s, the hand-written check still has a certain charm (as long as the recipient has mobile deposit capture), but the biggest growth area has been the plastic gift card. Banks should have owned this trend, at least in the United States. Those 100,000 branches would have been good distribution points, a place that you trust far more than the express checkout lane at Safeway. Financial institution still have an opportunity to be major players in digital gift car distribution, especially mobile.
- Banks shouldn’t use text messages for two-factor authentication
A widely used security feature intended to protect access to online bank accounts is becoming increasingly ineffective, as cybercriminals develop advanced malicious software for Android devices, according to a report released Wednesday. Many banks offer their customers two-factor authentication, which involves sending an SMS message with a code that’s entered into a Web-based form.