Customers’ Perceptions Develop Online Banking’s Security Image

While consumers like the convenience of online banking, financial institutions need to be prepared to mitigate certain risks that may expose consumer information, says a leading authority on data security and privacy.

Larry Ponemon, chairman and founder of the Ponemon Institute notes that many of the studies his group has performed show that people are willing to take certain risks when it comes to using the convenient online banking services. “The consumers are comfortable with the technology and are using it. However, if a company isn’t a good steward of data, and is not keeping it safe, they could lose opportunities for the growth of their virtual business.” Ponemon pointed out that online banking saves a lot of money for financial institutions. “The diminished use from consumers if they perceive (even if it’s wrong) that a financial institution’s data isn‘t secure comes from a variety of sources, some not even related to the financial institution,” he explained.

Financial institutions need to create an image of safety and security about their online banking services. “The more comfortable the consumer is with it, the more they will use it. Most are insecure, because of what they’ve read, or the level of customer service response available to them when they need help.”

One example Ponemon brought forward was when a user forgets his credentials and has to call the bank to reset the credential. “People hear a certain accent on the customer call desk when they’re resetting a password. They become really upset and concerned about the risk to their data when it is being offshored. They don’t want to hear a foreign accent, but an American accent,” he said

It is all about protecting consumer trust in your brand, he noted. “The erosion of confidence is very hard to rebuild once it is lost. Everything is in nuances. Think of it all as a collective,” Ponemon continued. “Banks and credit unions are held to a very high standard, especially in the eyes of their customers.”

Ponemon explained the notification of a data breach to your customers “is the mother of all negative events for a financial institution. If an institution has a data breach online, and tells their customers, it’s not usually a mass exodus from the bank that is immediately discernable.” He said customers who hear about an online banking problem, or breach will not bank online and will go to the branch to conduct their business.

“They don’t churn immediately. So banks that say, ‘well we didn’t lose any customers because of that online data breach.’ What they should look at is how many customers aren’t using the more sophisticated online banking, but are going back to their branches and doing live transactions.” Most times the customers will drop automated bill pay, because that’s a high trust level transaction, he noted.

The overall dependability of a website is important for a financial institution. “You have to show confirmation and an audit trail, and allow the user to print out transaction records,” he said.

When it comes to reading the fine print, many customers complain they can’t understand what they’re responsible for, especially when it comes to online banking, he said. Institutions need to offer the disclosure and disclaimers in larger fonts and better disclosure wording. “There needs to be better language in the disclosure itself. If there is a problem, offer a live contact person, either a privacy officer’s phone number or email. If you can’t offer a privacy officer, at least have a live call available at the customer service desk,” Ponemon added.

This needs to be a well articulated channel that lets the customer get the answers they need, he said. “There exists a poor track record in many institutions, in getting the information to the customer in a clear, concise way.” Ponemon concluded that, “Ninety percent of the time, it’s a misunderstanding. The customer says ‘I’ve opted out, well why am I still getting information from you?’ The institution has to have patience and explain it to the customer.” If that doesn’t happen, it creates consumer angst, which can lead to further erosion of trust, he concluded.


About the Author

Linda McGlasson

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.