By Ross Sleight, Chief Strategy Officer, Somo
Do you think you’re likely to fall victim to bank fraud? If you’re between the ages of 18 and 34, new data from Lloyds Bank shows that you are in the group most likely to. Or maybe you’re older and more experienced? Well, over 55s are likely to lose the most money when scammed – on average £10,716 at a time.
There’s certainly some truth to the fact that internet banking has facilitated new opportunities for fraudsters. But that only tells part of the story. The root cause of our attitudes towards keeping our money safe in the digital age is a fine balance between user experience and security.
The security / UX balance
Despite strides in experience design in financial services, security still provides one of the biggest friction points in the modern banking experience. This is inevitable, as security will always require some proof that a user is who they claim to be. So fintech finds itself in a constant tug-of-war between faster user experiences and solid security processes.
Looking at differing attitudes towards security, it’s not unfair to say that older people have grown up with highly secure attitudes that have had to evolve, as faster and easier ways of authentication have been created through digital technology. Younger users,however,have grown up with this technology and thus will behave differently, potentially being more trusting and leaving them more vulnerable to fraud, as hypothesised by Lloyds.
With users expecting a fluid customer experience, it’s hard to justify adding the abrasive elements that security requires. It can seem counter-intuitive to deliberately make life more difficult for customers, so the trend has been to make security as quick and invisible as possible, aided by the developing operating systems utilising biometrics for authentication. This means financial institutions can deliver fluid customer experiences. But by doing this, they start to potentially downplay the importance of security; when customers can’t ‘see’ security, they don’t ascribe it value.
This is why we are watching the implementation of the EU Payments Services Directive 2 (PSD2) and Strong Customer Authentication (SCA) closely. Under SCA, customers need to provide two of three different factors of authentication for payments; something a customer knows (e.g. PIN), has (e.g. phone) or is (e.g. Biometrics). Although this friction be seen as a negative for customer experience,we believe it is a positive,reinforcing how we regard the value of security of our information and data.
User personas and Jobs-to-be-done working in tandem
In our most recent white paper, we found safety to be the most desired feature from banks in the future, followed by ease-of-use (more intuitive, convenient, and seamless). So how can we deliver both of these things?
Well, user experiences vary depending on how you use banks. With traditional user personas, it’s easy to fall into making generic judgements, and I’d question if these solely are the best routes to develop digital banking services. For example, we may think that older people don’t adopt digital banking, but our research shows they do. This misconception is often clouded by the number of older people below the age of 60 using online banking being lower than say 18-24’s. Or that ‘millennials’ don’t want to use bank branches. Again, our research shows they do, especially as they are looking for help and advice as they move into different life stages.
User personas tend to drive experience design to approach users in demographic silos regardless of needs, which for banking services are often based on life stage, regardless of age or social status. An alternative approach is to look at a series of tasks all customers may need to undertake, known as ‘jobs to be done’, and find the best way to fulfil those tasks, whether online or offline. A holistic journey is required to meet customer needs, and we need to start thinking about how tasks can complement personas to meet consumer needs.
Stop silo-ing products and instead prioritise advice
Helping educate users about their financial options is also an imperative for banks. Customers need guidance and advice, not just a list of products pushed to them. Quite often customers need to understand the mechanics of the financial vehicle as much as that product offering. Remember when you first thought about a mortgage and how alien a concept it was? In today’s digital world, the race to add new financial products (particularly by neobanks that look to bolster the costly expense of a current account with profitable lending products and insurance) assumes customers know what they want, and they can get to products quicker. This assumption may work for a customer segment, but certainly from our research, it would not work for all customers. Incumbents and neobanks need to do more to help users understand the why and the what as to how products can help solve their financial jobs-to-be-done.
The responsibility of financial education falls on many shoulders;parents, schools, and the media are all key sources for greater financial literacy, but our research identified that customers single out banks as a primary provider of financial knowledge.
So, as fintech moves into a more mature stage, it’s time to learn some lessons. Banks must stop making assumptions about their users and focus on solving specific needs in life stages, ensuring customers have access to greater financial literacy to foster greater confidence and trust. This will underpin more successful relationships with financial providers and create competitive differentiation for a wider audience when digital-only neobanks are focusing on serving a financially literate segment quicker and faster than incumbents.As we do that, we must keep in mind the thing that makes consumers trust banks – security. We should understand that by making security increasingly invisible we run the risk of creating the perspective that security is not important and thus diminish and undermine one of the core tenets of banking.
Scams threaten trust in the whole financial services industry, and by collectively reinforcing the necessity and value of security, we can protect a wider audience from the threat of increased fraud.