April 19, 2005

Watchfire recently worked with the Ponemon Institute to survey U.S. adult online users about their attitudes towards their bank's privacy and security commitments. The results of the 2005 Privacy Trust Survey for Online Banking show that even in an era of widely-reported privacy and security issues, online banking is still trusted by those who use it and that when it comes to privacy and security, most online bankers have more confidence in online banking than branch banking.

But the findings of this study show that online privacy and security measures taken by certain financial services providers may be especially effective in promoting customer trust. We examine here issues the study raises and ways banks and other financial services providers are addressing these issues today.

To put these issues in context, let's consider that the survey showed customers find issue with both the protection of their information from fraudsters and the use of their information by the bank and/or marketing partners in ways the customer may find annoying, such as telemarketing. But they also realize these issues crop up in other channels, while the Internet can empower in their effort to limit the undesirable uses of their personal information. In short, customer fears regarding abuse of personal information cover both legitimate and illegitimate issues, but customers are capable of viewing the online channel as an ally in their effort to protect their personal information.

Turning to specific study findings, let's start with how banks can increase customer trust in the online channel. The survey offered seven actions banks could take to increase this trust. The action online bankers rated most important was for the bank to set limits over the sharing of personal information with third parties. There are two laudable approaches banks are taking that address this concern.

Many larger banks are specifying that they will not share information with third parties (outside of what is required to serve the customer) without the customer's permission. SunTrust is an example of a bank that draws this line and communicates this policy to the customer clearly within the privacy policy posted on its site.

Juniper, the card issuer, takes another approach by allowing customers to specify whether they are interested in hearing about offers from Juniper by email, phone or postal mail and to specify the same for Juniper marketing partners. Customers who are therefore interested in reviewing offers that might come by email but who find telemarketing irritating can turn channels on and off accordingly.

The action online bankers ranked as second most important for their bank to take was to offer fewer annoying or relevant ads or marketing promotions on their website. Interestingly, though, this concern can transcend the misuse of personal information. Let's consider Wells Fargo, which is taking two steps relating to this issue while also accomplishing other goals. First, it is disassociating itself from pop-up advertisements that might come with spyware. Wells Fargo clearly indicates on its site that it has nothing to do with pop up ads that might appear while the user is at its site. Second, Wells Fargo is pushing more personalized, pre-approved advertisements. Historically, Wells Fargo's online banking offering featured often irrelevant banner ads (such as one promoting a first-time homebuyer mortgage on the same page displaying the balance of the customer's jumbo mortgage). Paradoxically, by using personal information in a targeted way, Wells Fargo may be improving the experience of online bankers.

Now let's consider how online bankers would react to a breach of personal information. While 55% of online bankers fear unauthorized access to their accounts through online banking, the study shows online bankers fear identity theft more, with 82% citing this as a prime concern. We have seen a lot of progress in addressing this sensitivity: The Q4 2004 Watchfire GómezPro Banker Scorecard, covering 30 large, medium-sized and Internet-centric banks, shows 90% offering educational links on the site to information about identity theft and 60% giving customers specific instructions on how to reach the bank to report an incident.

All these customer concerns regarding both legal and illegal use of personal information come with an upside: The study found that respondents who have a high level of confidence that their bank is committed to protecting their personal information are more likely to do complex banking transactions online than are other respondents. Consider again that most online bankers already consider online banking better than the branch when it comes to preserving the sanctity of their personal information. In these findings, there appears to be opportunities for banks that address the most pressing customer privacy issues with online solutions to actually boost customer confidence through the online channel and to profit from doing so.

Chris Musto is Vice President, Research, for Watchfire GómezPro, based in Waltham, Mass.