If They Can Do It, So Can Banks

The other day my brother called me from his cell phone. Of course receiving his call from a cell phone is not really a big event. It happens all the time. Fifteen years ago it might have been a big deal. He probably would have been calling me to say “Dude, I’m calling you from a cell phone.” It would have been a big event because airtime was fairly expensive 15 years ago and mobile phones were mostly reserved for people driving BMW’s.

Today, a cellular call from my brother is about as exciting as watching the traffic crawl along outside of my office window. But this wasn’t a typical cellular call. This call was transmitted from an iphone to my computer via Google talk.  Among other things, Fring allows you to use your iphone to make calls to your instant messaging friends using an instant messager like Google Talk. Your data connection transports your voice over the internet.  Thus, Fring allows you to talk all day long without using minutes from your call plan.  Skype offers a similar service for Windows mobile devices.   Fifteen years from now, I might think a VOIP conversation that originates on a mobile phone is mundane.  Today, I am intrigued by the success of Fring despite a business model that competes with the mobile carriers that supply the bandwidth that on which Fring depends.

If a startup like Fring can deploy its service without a partnership with mobile carriers, why can’t  banks do the same?  Do banks really need carrier cooperation to roll out mobile NFC payments?  As I mentioned in a previous posting, smart phones, cheap data plans, and mobile market places are enablers that make it much easier to offer mobile services without carrier cooperation. Fring is a terrific example of  those enablers in action.

Banks may not even need device manufacturer support.  A Hong Kong company is set to produce an NFC device (e.g. a sticker), that communicates with the handset via bluetooth.  Thus, users can turn their phones into a smart electronic ticket, rewards card, or payment device without buying a new phone or waiting for manufacturers to include NFC support in their next handset.

So it seems the chicken and egg problem has been solved.  We have some eggs. Now it is up to financial institutions to start making them hatch.

Broadcast Your Payments on Twitter

I am a believer in the potential payment opportunities afforded by Social Networks. That’s why when I read about Twitpay,  I immediately went out and signed up for an account.  Signing up for Twitpay was fairly simple. I followed Twitpay on Twitter, and then claimed my account on the Twitpay.me site. Twitpay sent me a direct message with my Twitpay pin. I was then able to login to Twitpay using my Twitter username and my newly assigned Twitpay pin.

Sending a payment promise to one of my Twitter friends is also fairly trivial.  For example, if I wanted to send my brother a payment for lunch I would tweet something like this: @soninlaw twitpay $5 for lunch. I can track who I owe and who owes me from the visually appealing Twitpay website.

Actually settling your payment obligations is a little more complicated.  Selecting “Settle Up” from the Twitpay site takes you to the Amazon payments site and prompts you to login using your Amazon credentials. Like most people who would use Twitpay, I already have an Amazon account. However, I had never linked my checking account to Amazon, and you have to link a bank account to Amazon in order to settle your Twitpay obligations.  I also had to settle twice: once with Twitpay (they charge .05 cents per payment) and once with the recipient of the funds.

The recipient of funds must also sign up for Twitpay and Amazon. Once I send the recipient a payment through Amazon, they must accept the payment (I believe this is an Amazon requirement). If they don’t accept the payment with in 24 hours, I have to go back into Twitpay and settle up again. Amazon takes a cut of the final amount delivered to the recipient.

Although Twitpay shows promise, it is not yet ready for prime time.  The Twitpay site is a bit buggy. Both Firefox and Internet Explorer had problems with some of their pages and at times the site just wouldn’t load at all.  In addition, I’m not convinced that managing payments via Twitter warrants the inconvenience of three sets of logins (one for Twitter, one for Twitpay, and one for Amazon) and an additional fee (Twitpay takes 5 cents for every payment).  I am also not  thrilled about broadcasting all of payments to anyone who cares to read them. For Twitpay to work, I have to leave all of my updates available for public consumption.

If Twitpay is to live up to its potential, it will need to provide a good reason for me to use them instead of PayPal and Amazon.  As it stands today, Twitpay makes it easy to tell people I will pay them, while using PayPal, or going directly through Amazon, makes it easier to actually get people their money.

Google Moderator: An Easy Way for Banks to be Social

As Banks struggle to maintain their credibility, it is especially important to build goodwill, establish trust, and be concerned without seeming trite.  Many, many articles have been written on the value of web2.0 tools and their ability to engage customers in conversation.  

Personally, I hate to label blogs, wikis, and social network sites as “web2.0”.  To me, web2.0 denotes a technology; focused implementations of a larger phenomenon.  Web2.0 is simply the technology that makes a bottom up, flattened, social, collaborative web possible.

I am not one that gets all pumped by telling people about my life on social networking sites. Still, I have to admit that many of my preferred social networking tools are useful and enrich my life.

So, while I definitely don’t believe that starting a blog or wiki will pump up your stock price, I do think that financial institutions can benefit from the social web.  Of course blogs are very easy to start, but they generally don’t solicit a lot of two way conversation.

TechCrunch reported on a story about how Google is using crowdsourcing to help people save money. Google calls the site TipJar, and it was built using their Moderator product.  Surprisingly enough, the Moderator name accurately describes what it does: Moderate conversations. 

With TipJar, participants submit money saving ideas, and the “crowd” votes on those ideas. The ideas with the most votes rise to the top.  The best thing about Moderator and TipJar is that they are built on the Google app engine.  Any person, or any organization can use the Google App engine to build their own version of TipJar.

This is a great opportunity for banks and credit unions to take their social media strategy to the next level. Build a Google Moderator application and become part of the crowd.  Bank employees and customers can participate in ideas and vote the best ideas to the top.  It wont save the world, and it will probably be hard to prove a tangible ROI.  But, the next time you post a message on your website about how you understand the economic hardships of your customers, your customers might actually pay attention.

Payment, Mobile, and Online Security Mashup

• ThreatMETRIX Online Fraud Control and Chargeback Protection USA
  ThreatMETRIX monitors online profiles of users to determine the risk of a sensitive transaction. Their risk profile will work even if the users browser has disabled cookies or javascript. The service also accesses a reputation network to determine if the presented user has been flagged on any other web services, firewall logs, and honey pots. This looks very similar to some of the services offered by RSA.
• Silver Tail Systems: Protects Websites from Logic Attacks
  “Online criminals don’t need to break into your website, VPN or secure networks to defraud you or your customers. They can use the front door – exploiting legitimate business logic or business logic flaws of the website itself”. Silver Trail has two products. The forensics product monitors you site and raises alerts when it identifies suspicious behavior (deviations from the norm). It also provides a search tool that allows administrators to investigate behavior. The rules engine provides a mechanism that allows administrators to restrict navigation flow on the site for specified users.
• NCore Systems
  NCore Systems provides enterprise class delivery channel solutions to Banks within the ASEAN region fusing applications, innovative security and middleware technology into a single integrated platform. The company builds complete virtual financial destinations that empower Financial Institutions to ‘reach out and touch’ their customers through the innovative use of web based and mobile technology. Basically, they provide online banking and a software based mobile banking second factor authentication.
• Aradiom: Mobile framework, Security Token
  Aradiom provides a security token application that can serve as a second factor for online sites. The Aradiom SolidPass can be used to generate a one time password, generate challenge codes, and security questions. SolidPass also supports Transaction Data Signing (TDS). This allows the user to authenticate the transaction with a challenge issued by the enterprise and a response generated by SolidPass based on the transaction details
• Acculynk: Software Pin Capture
  Acculynk provides a solution that allows online shoppers to pay for products using a unique software pin capture solution. The solution allows you to enter your pin using a pin pad control on the screen. The order of the numbers scramble after each digit in your pin is entered. The biggest advantage is the reduction in charges to the merchant. In many cases, pin purchases cost less than credit purchases.
• Atmel Products – Security & Smart Card ICs – Secure RFID: CryptoRF
  CryptoRF is 64 bit encryption security for RF devices. CryptoRF product labels, tags, and cards are virtually impossible to copy. Rather than using passwords that are easily captured during contactless transactions, CryptoRF devices use the authentication keys, session encryption keys and a random number to generate a unique identity, or “cryptogram”, for each transaction. The host reader and the CryptoRF device must both be able to duplicate each other’s cryptograms before any data can be accessed or written.Uniquely, CryptoRF devices allow two completely independent users, each of which has its own separate authentication key to access the same section of the memory. This feature is useful for applications such as cards used in cash-transactions.
• TazTag mobile identity
  The TazCard is a new multi-purpose device in a slim credit card format (6 mm in thickness).  It’s like a personal safe with a large touch screen, a fingerprint sensor and various communication interfaces (NFC, USB, ZigBee) TazCard interfaces with a range of security applications such as access control, ticketing, couponing and payment. If required, a Java Software Development Kit makes possible the addition of further customized applications. I really like the finger print technology. Also, all data exchanges requires approval. So, the card will not exchange information unless the user is authenticated (with finger print) and authorizes the data exchange.  I think NFC payment adoption would accelerate dramatically if fingerprint technology was introduced in phones at the same time NFC chips were introduced.