The phishing attacks banks have battled over the last two years exploit and highlight another trend: the rising use of email by banks to update customers on their accounts and to make calls to action. With banks getting a better handle on phishing attacks, it's time to revisit email as a force for good.
Email alerts, which test well in Watchfire GómezPro consumer market research, can be effective tools for helping online bankers better manage account activity. But credit card issuers remain markedly ahead of banks in terms of alert initiatives, and indeed have continued to innovate within the last year even as financial institutions raised the alarms about fraudulent emails. In particular, Bank of America and First National Bank of Omaha emerge as examples of card issuers that have aggressively rolled out a greater breadth of alert options. Banks, on the other hand, continue to lag. A number of Scorecard banks offer only a rudimentary alert for when new statements become viewable online, while others who offer online statements don't offer this, or any other alert. This brief examines the state of alert functionality available at retail banks and credit card issuers and looks at the disparity that persists with regard to the extent that email alert functionality is offered at both.
With the Q3 2004 Credit Card Scorecard, fifteen of the eighteen issuers surveyed enabled email alert functionality beyond the "new statement available" alert. Two issuers, MBNA and U.S. Bank, failed to offer any kind of alert functionality tracked in the Scorecard, while Capital One provided external notification only when new statements become viewable online. Meanwhile, Wells Fargo only marginally surpassed Capital One, with alert options for new statements and when bills are due.
In general, issuers appeared to recognize the value of enabling email alert functionality to notify cardholders of pertinent account activity. In fact, by far the most common type of alert offered by issuers pertains to new statements (83% of issuers on the Q3 2004 Scorecard), followed closely by notifications for payments received (78%) and bills due (78%). Moreover, two-thirds of Scorecard issuers offer email alerts for when customers' accounts approach a pre-defined credit limit.
While significant opportunities remain for Bank of America to offer a comprehensive range of alert functionality, the issuer has nonetheless made great strides. Bank of America, which only offered the basic "new statement is available" alert as of the Q1 2004 Scorecard, launched additional alerting options and functionality in 2004, including alerts for bill due and payment received, rolled out in time for the Q3 2004 deadline for new functionality.
Overall, 2004 witnessed the roll out of a multitude of new alerts from issuers: First National, for example, launched external alert functionality with a host of credit card-specific alerts, including alerts to notify customers a payment is due or credit has posted. Chase now offers customers a variety of unique options, such as notification that a payment is late and that a customer service message has been delivered to the account management area.
The percentage of issuers offering email alerts in the credit card industry is markedly greater than firms in the banking industry. The Q4 2004 Internet Banker Scorecard shows that many banks lack even basic banking and bill pay alerts, and banks in general demonstrate significantly less of a drive for implementing email alert functionality than issuers. For example, as online statement delivery has experienced a significant surge in adoption across Scorecard banks, availability of the corresponding alert has not kept pace. Only 36% of Scorecard banks offer new statement available alerts, even though 73% offer online statements. In some instances, such as with National City, the "new statement available" alert is the only alert available. In effect, alerting functionality in retail banking is so far behind credit card and other e-commerce sites that some banks don't even bother with the only alert that other banks have yet to prioritize offering.
Second in adoption behind the "statement available" alert among retail banks is the "balance threshold" alert, which hasn't even reached implementation at half the Scorecard banks (43%). The "e-bill is available" alert follows (30%), and is generally available at those banks presenting bills. "Check cleared/not cleared" and "CD matured" alerts come in fourth place (both at 27%). CD matured alerts are especially valuable as consumers with a CD won't typically use online banking to remind themselves of a coming due date, which might be six months or a year or more after the CD is opened.
Opportunity remains for the majority of Scorecard banks to establish a meaningful spectrum of alert functionality. In fact, Charter One, Chase and Citibank are among the few banks offering a wide range of email alerts, with at least six alerts apiece. Indeed, Citibank sets the bar high not only for variety of alerts, but also for designating convenient devices in which to receive alerts. These include mobile phone text messaging, PDAs and email. The user can designate one or all devices on an alert-by-alert basis.
The prominence of phishing attacks underscores a larger trend: Consumers expect to communicate with their providers through email. Alerts are a primary case of this email communication: In addition to credit card alerts, consumers have come to expect email alerts for many online and offline activities including confirmations for online purchases; travel reservations and changes; stock prices and trades; and even weather alerts. Consumer receptiveness coupled with opportunities in the banking industry and the upward trend in alert implementation for credit card issuers suggests more banks should be offering email alerts. Now that banks are making an effort to better manage phishing attacks, they should revisit the potential for email to actually help their customers.
Alice Wang is a Research Analyst with Watchfire GómezPro in Waltham, MA. She can be reached at firstname.lastname@example.org.