July 29, 2008

SiteKey uses a two-step process that clearly identifies both the customer and the bank when accessing online banking. First, the bank uniquely identifies the customer's device (in this case, a mobile phone) or, if using an unrecognized device, prompts the customer to go through additional security steps (such as security questions). Once the bank has established the customer's identity, it will present an image and phrase (previously selected by the customer) to identify the bank to that customer. The point is to help reassure customers that access to their accounts will be secure and well protected, and that their personal information will remain private and confidential.

Device Fragmentation. Another major challenge is connecting to multiple devices. Most wireless devices on the market are different from one another, and new technologies are being introduced faster than efforts to standardize (see Figure 1). To address this issue, developers worldwide have joined forces to build a community around a shared repository of device capability information, called WURFL (the Wireless Universal Resource File).

WURFL is a configuration file that contains information about the capabilities and the features of all wireless devices. By using WURFL, we can develop content pages using abstractions of page elements which, at run time, are converted to the appropriate, specific markup types for each device (see Figure 2). In short, WURFL helps us identify the capabilities of each device so we can serve different content to different devices dynamically. However, WURFL is not a stand-alone solution. It is still critical to work closely with the wireless operators to address a wide range of technology and security challenges.

Scalability and Reliability. A third challenge we found is creating a platform that balances reach and richness. While some technologies (such as SMS) offer extensive reach, they have other limitations. Other technologies offer a richer experience for customers, but limit the number of customers who can actually use it. Finally, any technology introduced has to be up and running in a true 24/7 fashion, effectively managed and maintained, and able to support potential growth in the years ahead. As more and more customers begin to rely on mobile banking, their expectations should increase proportionally. Banks unable to meet these performance and reliability expectations may lose customer confidence and, in turn, negatively impact customer retention.

Latency and Network Interruptions. One particularly interesting challenge we faced was addressing the issues around connectivity. Mobile Web connections are usually slower than broadband connections -- by as much as 10 seconds -- even after reducing some of the clutter normally found on Web pages. Fortunately, we found that customers were good about accepting a 10-second refresh interval. We were also initially concerned about addressing the potential loss of connectivity in the middle of a transaction. For example, is the information simply lost, or should it be cached locally and then uploaded when the network becomes available? However, this concern became a non-issue over time because we found that customers were not experiencing dropped connections.

Staff Training. Any newly introduced technology is bound to cause some confusion for customers, so it is critical to have well-trained customer service associates on hand who can help smooth out the process. At Bank of America, we trained our associates in all areas of mobile banking and actively encouraged them to use the technology so they could fully understand the concerns of our customers. Through this hands-on, personal experience, we were able to more effectively address customer queries.