Strategically Speaking will now be published under the Jack Henry & Associates branding. You can visit and subscribe to the new Strategically Speaking here. Thank you for your support and we hope to see you over at the new website!
Author: June Middleton, JuMiddleton@jackhenry.com
Retailers, hospitals, government agencies, and details of their data breach woes continue to appear in news and social media headlines, and the pace of the data breach announcements appears to be speeding up, instead of slowing down. Organizations continue to spend thousands (if not tens of thousands of dollars) on technical security controls (firewalls, intrusion detection/prevention systems, anti-virus/anti-malware programs, encryption, access management, virtual private networks, etc.) to create strong security controls using a defense in depth strategy. In Computerworld’s Annual Forecast survey of 194 Information Technology (IT) executives, 43% of them expected their IT budgets to increase in 20151. Due to the recent high-profile security breaches at a myriad of companies, security spending propelled to the top of their IT priority list for 2015. If organizations have continued to increase IT security spending, then why are the bad guys still getting in? If only I had a dollar for every time I have heard or read ‘the human is the weakest link in IT security’ over the past 12 months.
Human weaknesses are exposed by Social Engineering, which is defined by Wikipedia as the psychological manipulation of people into performing actions or divulging confidential information.2 Social Engineers (aka con men or human hackers), have been around since the beginning of mankind (e.g., the Serpent convincing Eve to eat the fruit from the tree in the middle of the Garden of Eden in Biblical times). Today’s malicious social engineers primarily fall into three categories:
- Opportunists with little preparation and little to no budget (a scammer who sends out a customized blanket phishing email);
- Well-funded attackers with lots of preparation (corporate espionage, organized crime, politically motivated attacks); and
- Trusted Insiders (former NSA employee Edward Snowden).3
Chris Hadnagy, CEO of Social-Engineer, Inc., in his 2015 book titled Phishing in Dark Waters, mentions that “Analysis of almost all major hacking attacks from the past 12 months reveals that a large majority involved social engineering – a phishing email, a spear phish, or a malicious phone call (vishing).” 4 These are just a few of the many attack vectors social engineers use against organization employees, and other individuals or companies those employees know, to gain their foothold into organizations and steal sensitive/confidential information. If the human truly is the weakest link in information technology (IT) today, then why are organizations not spending more of their IT budgets, both time and money, on mitigating the human weakness? While common sense tells us that no organization is 100% protected from the persistent malicious social engineer, it would seem reasonable that organizations must add an additional layer of defense that addresses mitigating the human risk to their IT system security. A one-size social engineering defense strategy does not fit all, and strengthening this layer of human defense should be three-fold:
- Performing periodic social engineering assessments (SEAS) by external professional social engineering penetration testers;
- Creating policies and procedures that are tailored to mitigate the organization’s unique social engineering vulnerabilities, as revealed from the periodic SEAS; and
- Conducting ongoing social engineering security education and awareness training, with a focus on the lessons learned from the SEAS.5
What is your organization doing today to strengthen its greatest weakness and protect its most valuable assets?
1Collett, S. (2014, November 3). 2015 Forecast: IT spending on an upswing. Retrieved from: http://www.computerworld.com/article/2840907/forecast-2015-it-spending-on-an-upswing.html
2Social Engineering. In Wikipedia. Retrieved on November 20, 2015, from https://en.wikipedia.org/wiki/Social_engineering_(security)
3Conheady, S. (2014). Social Engineering in IT Security. New York, NY: McGraw-Hill Education.
4Hadnagy, C. & Fincher, M. (2015). Phishing in Dark Waters. Indianapolis, IN: John Wiley & Sons, Inc.
5Conheady, S. (2014). Social Engineering in IT Security. New York, NY: McGraw-Hill Education.
Author: Pat True, RTrue@profitstars.com
There is a formula which lights the path of every extraordinary performer, whether in the field of sports, sales or any other walk of life. It has to do with the old adage of being a “student of the game.” Today, when we hear that term, we think of individuals who have risen to the top in their field. A current example would be Peyton Manning. In the past, examples have included people such as Mia Hamm in sports or Steve Jobs in technology. All of these individuals were the ultimate students in their respective fields of expertise. They knew the game perhaps as well as anyone, but they also knew that to succeed they had to remain hungry for knowledge. They knew the game was ever-changing and in order to stay relevant they had to stay engaged. You can apply a very simple formula to people like this in order to describe their success. It defines a minimum standard for remaining a student of the game in your chosen industry.
60% learning / 40% direct tasks
Where the 60 = (20P + 20E + 20C)
Let’s break this down. “MS – SOG” simply stands for Minimum Standard – Student of the Game. Using the field of financial sales as the example, the numbers “60/40” represent the percentage of time spent increasing your field of knowledge versus performing actual sales tasks. If you spend 40% of your time committed to direct sales tasks such as appointment setting, sales presentations, follow up meetings and contract negotiations; the other 60% is broken out as follows:
20P – Roughly 20% of your time is spent in the pursuit of product knowledge. This includes learning your product inside and out, keeping up with changes in technology, keeping up with new features, serving on change control boards, etc. As you move down this path, you eventually become a specialist who can guide others in the understanding or your products, both inside and outside of your organization.
20E – Roughly 20% of your time is spent studying the external environment surrounding your sales effort. For financial professionals this means constantly studying local market conditions, regulatory issues, economic indicators, etc. This is where you can really shine. It is also what sets you apart from others in your field – since many will not take this challenge to heart.
20C – This 20% or your time is special, because it represents the “know your customer” rule. To be a true student of the game you challenge yourself to know your customers as well or better than they know themselves. What are their goals and dreams? What keeps them up at night? What are their greatest challenges and how do they face them? This means knowing their industry and their business. It means knowing them so well that you can anticipate needs before they even know they have them.
By committing yourself to be a student of the game, you will be stacking the deck in your favor. You will all but ensure success in your chosen field. Gone are the days where a salesperson can simply know the product and enjoy success. Today, with the speed of technological improvement and the changing playing field, you must make a significant effort to achieve success. Years ago, an observant banker said, “When I started in banking in the early 1980’s, I had to account for every minute I spent away from my desk. Today, I have to account for every minute I spend at my desk. I am expected to be out hunting down new relationships. They do not walk in the door much anymore.”
In order to truly understand the 60/40 rule, you also have to understand that much of the 60% comes from “off the clock” work. This is why so many will not achieve the top levels of success. Those who do are spending countless hours outside of the normal nine to five work day. They are reading books, studying industry publications and doing additional research – much of which is on their own time. They know that by doing this they will maximize the effectiveness of their actual time on the job.
This quote from an unknown author describes what it means to be a student of the game. It is about a famous race horse, but it translates very well to our world today and even better to the very human world of sales. It was a tribute to Man o’ War written after his death in 1947.
Man o’ War was the greatest racehorse who ever lived. In his lifetime he ran only twenty-one races. His total racing time was thirty-three minutes and thirty-two seconds. Stop and think about that. Think about it – in all of his life Man o’ War ran in competition for only half an hour. His fame as the greatest racehorse of all time was built on just that half hour. That’s what history remembers – only his races in competition.
But the days and the weeks and the months of stubborn and relentless training – the days and the weeks and the months with no one in the grandstands – with no one to cheer him on but his own pride and ambition – these were the important things. These were the things that really made him a champion. You see, he was good when he didn’t have to be. He was good when no one else was watching. And that, my friends, is the true mark of a thoroughbred.
So what are you going to do to become the thoroughbred in your field? If you are a sales manager, what will you do this year to help create thoroughbreds within your organization? How can you nurture your own students of the game? Consider the 60/40 formula and then encourage your team to push the limits.
Have a great 2016, and good selling!
Author: Jennie Ebbing, JEbbing@jackhenry.com
I don’t know about you, but I go on auto-pilot when I’m in a place that I visit regularly. A good example is my local grocery store. I go there with a list of things that I need, and I usually know just where to find them. Sure, the store is showing its age, and maybe the bakery doesn’t offer much, but it’s my store! I’m used to it – both its good and bad attributes. This past weekend my world was rocked because they closed the old store and opened a new and improved superstore! I’m sure everything I need is in the new place, but how the heck will I find it?
Changing the look and feel of an application or website can make for a similarly jarring experience for customers. What was once familiar is now different. Actions that didn’t take too much effort from the user now require a higher level of focus in order to get the job done. If new features have been added, will the user understand their value? Will they know how to use them? How can you help your customers prepare for and adapt to a user interface (UI) change? Here are some tips:
Communicate - Tell your customers what’s coming. Outline the changes, provide timelines, training options, and support information. Be prepared to repeat communications frequently with a ramp-up of those efforts closer to the date the changes will be available.
Promote Improvements – Talk about the good stuff! Change is hard. Even when it’s a change for the better, the overall perception from a user can be negative. Be sure to tout the benefits of the changes. Call out exciting new functionality, especially features that allow the user to be more efficient.
Documentation – Empower your users to help themselves by providing solid documentation that will help them understand how to get around in the new UI. While it’s true that many users can navigate an intuitive UI without assistance, documentation is an important part of any update. Remember that documentation doesn’t always mean a lengthy manual. Workflow mapping, a recap of the changes, and how-to sheets are all valuable documentation tools.
Training – Whether it is on-the-job training on the day of the release or a series of training sessions in advance, be sure you provide training opportunities for your users. Short tutorials that focus on how to use the new system are invaluable. The more comfortable the users feel with the new technology, the easier it will be for them to make the switch.
Support – Prepare your support staff for the upcoming changes by making sure they know the new features and navigation flows inside and out. Compile a list of the most common questions and circulate it throughout they organization so that those who wouldn’t normally answer support questions can pitch in. Consider expanding support temporarily if you feel the call volume will exceed capacity. Make it easy for your customers to reach you and make sure your support representatives are confident in the subject matter and are ready to assist.
Planning ahead and preparing for changes will make the process easier for both you and your customers. Taking care to promote the positive impact of an improved user interface, as well as providing plenty of training opportunities will ensure that the transition is a smooth one for everyone involved.
One final note: I went back to the grocery store last night. Thanks to the signage and helpful employees, I found everything I needed…and then some! And I have to admit the new store is nice. Now that they’ve helped me make it past the initial change, I think I may really learn to like it there.
Author: Jason Mayhall, JMayhall@profitstars.com
Wouldn’t it be frustrating if you went on vacation and had to take two weeks off just to arrive at your destination? Or if you had to wait two months to get the latest news from your favorite sports team? What about the childhood frustration of missing the airing of Rudolph the Red-Nosed Reindeer, knowing that you had to wait until next Christmas to watch it? Luckily, we no longer have to experience these frustrations thanks to inventions like cars, the internet, and DVRs, which allow us to get our information and arrive at our destination much faster. The data conversion world has seen similar improvements, and the following tips can help you breeze through your conversion.
#1. Start Discussions with Your Conversion Provider Early
Starting discussions with your provider early allows for more preparation in advance, ensuring that everything is set up and ready to go for your conversion. For example, you could send a portion of the data earlier for a head start on the conversion. If you can get your new system set up and running early, you can begin loading the data before the cutoff of the old legacy system.
#2. Ask for a Bulk and Gap Conversion
In previous conversions, you had to wait for all of the data to become static before beginning the conversion. Using bulk (98% of your data) and gap (data from the end of the bulk to your cutoff date) converts your documents in segments. The vendor could have 98% of your data converted and loaded into your new system before the cutoff. Providing your data to the vendor early in the process allows your staff to become familiar with the data in the new system before taking it live. Your staff can use this data for training on your new system without the need for dummy data, which allows them to stay focused on the implementation of the new system.
Related: Data, Data, Everywhere
#3. Prepare for Mapping
Mapping is a process in which the old data structure and index types are mapped to the new structure and index types in the new system. Have a technical person on hand who knows both the source system layout and the new system layout. Ask your vendor about professional services to assist with the mapping process. Finally, ask your vendor about an early mapping option so that data can be mapped as it is being converted instead of after the conversion. This request alone could save hours of your time.
#4. Consider Your Options
Conversions don’t have to be a long, drawn out process if the proper planning is in place. One option is to ask your vendor about a viewer that catalogs only the metadata. These viewers house all data types and legacy systems in the same viewer. This option saves you money by allowing you to cancel multiple maintenance contracts from existing legacy systems, possibly retiring them. The cataloging process of the metadata means a matter of days, not weeks, before the data is in your hands. However, there are drawbacks to this option. If the data needs to be accessed by your core system or another ancillary product so that your employees or customers can access the data, then this option will not work for you. A full conversion would be the best option. Consider your options and then pick the plan that works best for you.
By Lauren Gleim, email@example.com
Pop Quiz: Think of five words that describe yourself. To help, here are mine:
- (Dog) Mom
What does your list reveal about your identity? The words you chose likely reflect adjectives, roles or personality traits that are important to you and how you want others to perceive you.
Now, think about your financial institution. Can you think of five words to describe it? If this was an easy task, you likely have a strong idea about your institution’s brand identity. If this was difficult, I am here to offer a few tips on how to reflect the value of your institution to your customers.
What is a brand identity?
According to the American Marketing Association, a “brand is a customer experience represented by a collection of images and ideas; often refers to a symbol such as a name, logo, slogan, and design scheme”. It is how your financial institution appears to your customers. Your brand identity encompasses your communication and visual cues. We are accustomed to all sorts of brands. So much so that when we see a brand such as Starbucks or Apple roll out a new product we have high expectations.
Why is a brand identity important?
People and companies may want to be perceived in one light but sometimes there is a mismatch between what we want people to see and what they actually see. Your brand image and identity speaks to who you are as an institution. It builds trust amongst your customers. When you see golden arches in the shape of an “M” you know McDonald’s is close to provide consistent fast food service. Or that if you are an Amazon Prime member, you’ll receive free shipping. Your reputation depends on the service you provide to your customers while your existing customers are where brand identity is most important. Loyal customers to your brand are a greater value to your business. Think of it this way, your business has a 5-20% probability of selling to a new customer. However, your business has a 60-70% probability of selling to an existing customer, a loyal customer (Help Scout, 2015).
How to create a brand identity?
If you have a strong understanding of your brand, that’s great. Even so, here’s a refresher on creating a brand identity. The SWOT analysis is a great tool to determine your strengths and weaknesses, identify threats and find opportunities for improvement. If you are trying to reinvent your institution’s brand identity, start here.
All businesses have a mission. Use that mission to create a visual brand. What does your institution value? What is your institution’s culture? These aspects can all be incorporated into your brand identity. 64% of people cite their main reason they have a relationship with a brand is due to shared values (HBR, 2012). If you value customer service, highlight that in your online and print marketing. Your brand identity should also be consistent across all outlets whether your online presence or at your branch locations. Your logo, brand colors, banner ads and print materials should all be uniform.
Be methodical about your brand decisions. If your financial institution promotes banking services online with a banner ad, match that banner ad with printable materials. If you have a color scheme, make sure your emails reflect those colors. If you utilize social media, add social media links to your website, landing pages, email signature and emails. This will especially cater to millennials. 62% report that online content drives their loyalty to brands (NewsCred, 2015). Your decisions will reinforce your brand identity.
This last piece of advice may seem obvious. Be sure your team is informed and understands your brand identity. If they do not understand, consequently, your customers might be confused, as well.
What does your brand identity reflect about your company? Are you sending mixed messages? Ask yourself these questions when creating your brand identity. If you need new marketing materials to help, visit the iPay Resource Center below. We free have marketing materials to help you with your brand identity journey.
Author: Marissa Quebbeman, MQuebbeman@jackhenry.com
Holiday gift wish-lists, check. List of cyber-Monday deals, check. Malware installed while surfing the web to find the best deals…huh?
The holiday shopping season usually carries elevated risk – whether shopping at a mall or online. This year, Internet users face sophisticated cyber threats that have been active and evolving for the past year. End users – both at home and on business networks – must be vigilant to protect their identities, accounts, corporate intellectual property, and pocketbooks from being attacked and/or compromised by malware. No one wants to find their identity stolen or bank accounts emptied during the holiday season.
A few current popular methods of malware delivery include malicious spam emails, phishing emails, and exploit kits. The first two methods differ only in targeting methods. Spam emails are less targeted than phishing emails, and are the type of message a user is most likely to receive in their home email account. Phishing messages generally target people within an organization or group – members of a financial services industry group or employees of a particular bank are good examples. Spear-phishing is the most targeted methodology and usually leverages information gathered about the targets to guide the message content. All three of these methods use the same basic social engineering principle: an attacker crafts an email message to entice the recipient to open it. It could be about a package delivery, an invoice for your recent order, or a resume from a potential job applicant. At this time of year any of these topics seem legitimate, however users must exercise caution and common sense.
Because the attacker uses ‘bait’ that is attractive to most people, they are relying on users clicking on links and opening attachments without critically reviewing the message for legitimacy first. Malware being delivered via these channels includes (but is not limited to): Dridex (banking Trojan that collects credentials from the compromised system); Dyre (banking Trojan that captures credentials); and CryptoWall (ransomware that encrypts all files on the infected system and any mapped shares).
As a recipient, you can help reduce the attacker’s risk of success by:
Taking a moment to focus on the email instead of scanning through it. Does it look legitimate? Were you expecting an invoice, delivery notification, etc…?
Check the sender email address to see if it appears bogus. (If the sender domain doesn’t match the company, it is a red flag.)
Hover over links to see if the text matches the destination URL. Note: on mobile phones you can touch and hold the link to have a box pop up that will show you the link. Press the “cancel” or “back” button to avoid going to the link. If these don’t match up, you are likely in a phishy situation.
Use an alternate method to validate the message, such as going directly to the company’s website.
Save the attachment and scan with anti-virus software before opening.
The third method for delivery mentioned above is called an exploit kit. Its purpose in life is exactly what it sounds like: to exploit as many systems as possible for the purpose of monetary gain. Exploit kits are used by crimeware gangs (and other actors) to infect susceptible systems when users browse to an infected site. They succeed by targeting plug-in vulnerabilities that are commonly used by end-user’s web browsers, such as Adobe Flash. When a plug-in is out of date, it leaves the user susceptible for exploitation – therefore it is important to either remove plug-ins from your browser (if you do not use/maintain them), or to keep them up to date.
Users most frequently are infected by a website that was compromised or via a malicious ad pushed to an otherwise ‘safe’ website. The latter is affectionately called “malvertising” or a “drive-by-download.” Quaint, right? Probably not if you are the unfortunate victim of this attack.
Users usually are unaware that an exploit kit is firing in the background when this type of attack succeeds. Once the exploit kit successfully compromises a system, it attempts to install malware. Current malware payloads observed include CryptoWall 3.0 and 4.0 (ransomware that encrypts your files - and any files on mapped network shares - then demands payments in BitCoin to decrypt them), TeslaCrypt (more ransomware), Bedep (a click-fraud Trojan that can also redirect the system to download other malware), and Vawtrak (banking Trojan that collects credentials.)
For the tech-savvy, detailed technical examples of the different types of attacks and payloads may be found at the blog Malware Traffic Analysis and through Mr. Duncan’s ISC blog postings found here.
Now the most important part: What can you do to protect both yourself and your organization?
Often the simplest things make the biggest difference when it comes to protecting your data while surfing the Internet. Employing the following strategies will reduce your chance of infection and improve your ability to recover if your system is infected. Even seasoned cyber-security professionals have been known to click on a link from time to time by not paying attention. These strategies will help reduce the chance of infection even if you accidently open the latest phishing message.
Patch your operating system. This goes for your computer, laptop, mobile phone, home router, etc…(“devices” going forward.) Make sure you are patched. Also, for owners of newer cars, check with your automobile manufacturer to ensure there are no outstanding software updates available for your vehicle. [This author had her car stop working one night without notice. The culprit? A software update had not been applied and the old software was not communicating information correctly.]
Patch all software that is installed on your devices (Java, Adobe Flash, Silverlight, Office, Internet Explorer, Chrome, Firefox, etc…). Even if your operating system is patched, these other software packages may be vulnerable to exploitation.
Use software that automatically checks for any outdated versions, making it easier to know when and what to patch. (Example: Secunia PSI)
Use ad-blocking software to prevent websites from automatically loading advertisements.
Disable auto-play in your web browser (enable Click-to-Play) so embedded content does not automatically play without your interaction.
Run Anti-Virus and Anti-Malware protection on your Internet-accessible devices to identify, detect, and protect your system from known malware.
Keep an off-line backup of all critical, important files. For home users this may include tax documents, photographs, emails, and other electronic communications of high importance. For businesses this includes all critical business files.
Avoid clicking on links in emails, particularly if they are unsolicited or unexpected.
Virus-scan attachments before opening.
We hope you have a happy, safe, and fun holiday season – both in person and on the web!
Author: Milton King, firstname.lastname@example.org
As I prepared to write this blog, I came to the realization that many people who read this may have never utilized interoffice mail (IM). They never had the experience of handling that fancy orange/yellow/tan envelope with the holes in it. They missed out on the joy of figuring out if the red tie string needed to go clockwise or counter-clockwise. Most importantly they never joined the exclusive list of people who signed the envelope. Man! Did they miss out!I decided to do a little research and came up with “best answer on Yahoo Answers”-
In the "olden days", before email, many documents were sent to other offices (or rooms) in a large company via a sort-of private mail system - run by the company. You would place your "letter" in a designated box (usually inside a re-usable tan envelop) near the secretary's/office manager's/clerk's desk. Then, the "letter" or package would be delivered to whomever you sent it to (or you may even have a pigeon-hole-type mail box assigned to you).
I then asked myself what happened to IM? The answer is, we, the technology providers drove IM into obsolescence. Here is a quick synopsis:
- 1920s-1970s – Telex started the electronic communication. Though it was expensive and limited in availability it survived for nearly 50 years. Companies with multiple locations would use it to communicate urgent information from one division to another. An early alternative to interoffice mail.
- 1970s-1980s – Email changed everything as it created an instant, inexpensive way to communicate. Particularly within a specific organization. Email would become the standard for interoffice communications for decades to come. The execution of legal documents and the handling of private, high security documents was and, in some cases, still is a touchy area for email.
- 2000-present – Instant Messaging, particularly internal IM has made interoffice communications instantaneous. Though, if we are all honest, it is largely a way of complaining about things that are going on in a meeting we are participating in.
You could include texting in the list above as well. Each of these technologies had a role in eliminating the need for interoffice mail. A common feature of each is that they have obvious shortcomings for sensitive internal communications.
Leave it to technology companies to create solutions that merge all of the previous technologies, while at the same time addressing their weaknesses. Today we have enterprise workflow technology (EWF). EWF combines instant availability like instant messaging, the bandwidth and familiarity of email and the security of a private mail network.
EWF is a solution that lets a company define those in an organization that not only need to see a document but may also need to execute and/or authorize it. It assures that the document goes through the proper channels (workflows). It tracks and notes exceptions. It leverages email, texting and IM technology. It can also be behind the company’s firewalls making it a secure environment for sensitive materials. In many ways, it is the modern day version of interoffice mail.
Interoffice mail served an important purpose in many companies. It shared information ranging from invitations to the Christmas party to sensitive contractual information. All of these functions are still important.
Today’s workflow solutions serve the entire document handling needs of an organization. It utilizes familiar technologies like email. The only downside is that you don’t get to sign the cool envelope.
Consider how your organization circulates documents. Do you have processes that are dependent on authorizations by multiple people? Do these processes get delayed because of availability of these individuals? Would your organization be well served with technology that allows those individuals to view and authorize these documents electronically and from wherever they are? If your answers to any of these questions is yes, you need a workflow solution.
Tags: document imaging
Author: Kevin Moland, KMoland@profitstars.com
If you think about it, payments have always been about being more mobile.
Cash, first in the form of precious metals, then as different forms of currency, allowed people to liquidate relatively immovable assets like property or livestock and “mobilize” them in a form that could be carried around and converted into other goods and services. The first printed checks likely appeared in England in the 1700’s. These nifty devices were lightweight and portable, which made it easy for payers to remit large sums of money without toting around all those bills and coins. The result was more mobility and increased safety for payers. About 200 years later, in the middle of the 20th century, Diner’s Club, American Express and others rolled out credit cards. Debit cards first appeared in the 1970’s and come to prominence as a payments vehicle in the 1990’s. Suddenly payers had choices: They could finance purchases instantly or pay for them with funds from their checking account, all by handing over a piece of plastic.With each new form of “mobilization,” payers gained convenience and security. Unfortunately, with each new channel, the payments industry gained new types of fraud. As payments moved from cash to checks and checks to cards, authentication measures became more complex, shifting from padlocks to signatures and signatures to PINs in an attempt to thwart fraudsters trying to impersonate legitimate account owners. Unfortunately, PINs and passwords have proven to be largely ineffective as a form of protection.
A little over a year ago, Apple turned the struggling digital wallet industry upside down when it rolled out Apple Pay. Suddenly, users could make payments at popular points of sale like McDonalds, Subway and Walgreens with nothing more than a wave of their mobile phone. Now Samsung Pay has been released, with a near ubiquitous reach thanks to Loop’s embedded technology that allows its phones to make payments at most standard card scanning terminals. Like its paper and plastic predecessors, mobile payments offer additional convenience and better security, leveraging card system tokenization programs that facilitate payments without ever revealing the payer’s card account information to the merchant.
Mobile payments also introduced a new form of authentication, eschewing the traditional “something you know” and “something you have” elements of identification in favor of new methods based on “something you are.” Because mobile payments are driven by high tech devices like smartphones and tablets, they opened the door for biometric authentication, the science (some might say art) of validating a user’s identity by confirming some unique organic characteristic. Apple’s fingerprint scan was only the beginning for an industry that now includes identification methods based on voice patterns, facial recognition, retinal scans—even the way you smile. Some industry experts predict that the number of annual transactions secured by biometric authentication will reach five billion before 2020.
And to top it off, now there’s “bio-payments.” And I don’t just mean payments that use biometric authentication. Bio-payments are an emerging new way to pay that is initiated by you, literally, leveraging technology embedded inside your physical body. Earlier this month, Payment Week ran an article that detailed developer Patric Lanhed’s successful efforts to implant a chip containing the key to his Bitcoin wallet under the skin in his hand. Doing so allowed him to “essentially scan his hand and make purchases anywhere Bitcoin was accepted.” Admittedly, many people won’t be excited by the idea of implanting synthetic technology inside themselves, but one doesn’t have to do much more than Google organic computer chips to understand that someday soon payments could be programmed into organic material fused directly into our cells.
While bio-payments are a long way from prime time, it certainly seems like a logical step in the flow that has taken us from cash boxes to mobile wallets. Like all previous payment methods, bio-payments could provide increased convenience and improved security—maybe enough to warrant widespread use. Someday, maybe sooner than we think, we may shed our smartphones as part of our metamorphosis into “smartpeople.” In the not-too-distant future, we, the payers, may even become the ultimate mobile payment device.
Author: Craig Laures, CLaures@profitstars.com
Technology is aggressively changing the Commercial & Industrial (C&I) lending environment. Online commercial loan applications, automation in the underwriting, approval, and funding process, and alternative lenders are disrupting the C&I lending landscape, which have created obstacles for traditional lenders to profitably grow their C&I portfolios. Traditional lenders will need to leverage technology and give strong consideration to partnerships with alternative lenders in order to remain top of mind for commercial borrowers.A growing number of borrowers lean toward a simplified experience (see Exhibit 1 below) which is found 1) in the online channel and 2) from alternative lenders. Online applications, automated prices, and efficient approvals lead to happy borrowers. Speed and convenience will draw borrowers to you more than a ‘rate’ or ‘relationship’. This is the short term future of business lending. As more traditional banks adapt and innovate via the online channel “rate” and “relationship” may become more important, once again.
FI executives often share with me that achieving their strategic growth objectives are largely dependent on proper execution of tactics that will support growth in their C&I lending portfolio. Progressive and disruptive business lenders are succeeding in reaching those growth objectives using non-traditional methods. They are leveraging the internet to quickly and easily get loan applications in the hands of potential borrowers. Borrowers that may have never been reachable in the past. Then accepting completed business loan applications through the FI’s website. Also, several of the same traditional lenders are recognizing the mutual benefit of partnering with alternative lenders through participating in “networks.” The alternative lenders in these networks have the opportunity to approve and fund loans that do not fit a traditional bank’s credit requirements or compatibility.
Community FI’s should take steps now to foster partnerships with alternative lenders. It can take several months or more to vet and implement plans to partner with them. Alternative lenders are here to stay. While they are getting much attention for their focus on business lending, these lenders have been a significant player in the consumer financing picture for years. It’s natural they have evolved into and are now recognized and trusted sources of funds for business borrowers. The number of alternative lenders will fluctuate and those with the staying power (market share and capital) will be another formidable challenge bankers must face, in addition to ongoing net interest margin compression and periods of slack loan demand.
So here is the take away for community FI’s to give strong consideration. By using Search Engine Optimization (SEO) and online commercial loan applications your FI’s website (aka online branch) will be an easy to find and efficient source of leads for commercial lending opportunities. The leads you choose not to convert into new lending relationships can be farmed out to alternative lenders. Those same leads can then be converted into opportunities to ask for deposits and sell other products or services. The future is bright for commercial lenders that understand the role of technology and partnerships with alternative lenders.
The online platform will be a catalyst for growth and the role of alternative lenders will gain relevance. The question remains, where does your FI fit into the equation?