A recent EY Global Banking Outlook survey found that 85 percent of banks view a digital transformation program as a high priority for 2018. Innovations in technology are reshaping the future of the industry and customers’ expectations.
Many larger banks and financial services firms are already moving toward these technologies. In this post, we’ll take a look at the future of banking technology and dive deeper into one of the main technologies smaller players can use to stay current and competitive in the marketplace: web and mobile app development for banking.
What is the future of banking technology?
Customers have become accustomed to highly personalized, engaging experiences in most aspects of life. One-click shopping, voice-activated search, and home assistants are the new norm. People have come to expect these technological advances to carry over into their banking experience.
Most importantly, today’s banking and financial services customers expect:
- Fast and secure access to finances and account information.
- Personalization of their experience, with real-time slices of financial data and customizable views of finances.
- Recommendations relating to investments, savings, and financial purchases.
There are many new and emerging technologies larger banks and financial services firms are using to meet these expectations and create a better customer experience:
- Artificial Intelligence (AI) and Augmented Reality (AR)—Virtual assistants and chatbots are being used by some of the larger banks and financial services firms to assist customers, for example.
- Blockchain—This technology can be used to securely track banking transactions, such as the steps completed in a request for a loan or mortgage.
- Cloud technology—Banks and financial services firms are using the cloud to store data, with private clouds the preferred choice for sensitive information.
- Cryptography and cybersecurity—Cybersecurity becomes more important as more connected devices are being used for financial transactions. Data must be properly encrypted to decrease the opportunity for hackers to steal personal information, for example. Additional steps must also be taken to restrict access even to encrypted data.
- Machine Learning (ML)—ML technology can be used to help identify potentially fraudulent activities on accounts so customers can be alerted immediately.
- Internet of Things (IoT)—Data from IoT sensors can be used to analyze customer calls and improve the customer experience. This data can also help in the development of new products and services.
- Mobile technology—Customers want access to their financial information from their mobile devices.
We won’t dig into all of these technologies in this post, but you can learn more about many of them by reading other articles we have recently published on these topics. Links are provided where a post is available.
In this post, we want to focus our attention on mobile technology. A mobile banking app provides your customers with omnichannel access to their financial information. Creating a mobile app is a smart way for smaller banks and firms to embrace the future of banking technology.
Web and mobile banking application development: Benefits and tips
By letting customers serve themselves, banking mobile and web app development delivers benefits to both banks and their customers. Some of these benefits include:
- Banks are able to perform transactions faster, with more accuracy, and with fewer human resources.
- More transactions are performed, which is good for business.
- Customers are able to perform just about any banking function in mobile and web apps—gone are the days of filling out paper forms and waiting in line. Apps let customers:
- View real-time account balances and transaction history
- Pay bills
- View pending transactions
- Transfer funds between accounts
- Receive alerts on transactions or low funds
- Deposit checks
- Apply for a loan
To build a successful banking mobile or web app, there are two areas you need to address:
Usability
A successful banking app is a usable one. It does not matter how many features you cram in; if your app is not user-friendly, people will stop using it.
Today’s users want to be able to open your app and instantly know how to use it. Basic transactions, such as depositing and transferring funds, must be simple and fast, completable in a few clicks.
For mobile banking applications, the design and layout must work well on devices of various sizes and models.
Usability needs to be addressed from day one of design and development. Once your banking mobile or web app is out in the marketplace, a redesign is expensive and tarnishes your reputation. Though it’s anecdotal, we’ve met people who switched banks because their app was poorly designed.
Here are some tips for creating a usable app:
- Include a usability expert on your development team.
- Follow a proper User Experience (UX) and User Interface (UI) design process. This means the application is designed with the end user in mind, as opposed to just making something that works.
- Conduct user research, competitive analysis, wireframing, prototyping, and app usability testing.
For more information on these steps and how to improve the UX and UI of your applications, check out our recent post.
Security
Application security is important for all mobile and web applications. But, as you know, it is even more important for banking mobile and web apps, given the highly sensitive information being stored and exchanged.
Cybersecurity ranked as the top priority among global banks in 2018, according to the EY survey.
But mobile banking security should be at the top of your priority list throughout development and the entire lifecycle of the application.
Tips for making your mobile or web banking application more secure are:
- Employ a multi-factor authentication feature—Do not give a user access with a simple password. Require dual factor authentication, such as a fingerprint, security questions, or a code via SMS to gain access.
- Provide real-time email and text alerts—Notify customers about account activity immediately, so they will instantly be aware of any fraudulent or suspicious activity.
- Use a secure connection—Employ connections, such as HTTPS, to keep account information safe.
- Use software to detect unusual behavior—Banks can use software that detects things, such as a user’s location, and should flag activity that is out of the norm.
- Use encryption—Protect the highly sensitive data stored in banking apps.
- Comply with regulations—Ensuring your banking mobile or web application complies with the proper banking regulations is a necessary step to making sure your application is secure. It also keeps your organization from paying hefty fines associated with violations.
- Implement an Application Security Testing Program in your organization—Apply static and dynamic application security testing, penetration testing, software composition analysis, and other AST techniques to ensure that the code you write is as resistant to attack as it can possibly be.
There have been a lot of new financial services cybersecurity regulations as of late. Staying up to date can be difficult, but it is imperative for your business and the success of your application.
As a New York-based business, we would like to address those regulations proposed by the New York State Department of Financial Services (DFS). These new rules went into effect in 2017 with a series of cascading deadlines for implementation.
Banks and financial services firms must now report all cybersecurity events to the DFS within 72 hours. Most unsuccessful attacks do not need to be reported, but there are cases where they should be.
Financial institutions covered by the regulations must have:
- An appropriate cybersecurity program and policies to protect the bank’s and customers’ information.
- A Chief Information Security Officer (CISO) to oversee the cybersecurity program.
- Qualified cybersecurity employees to work with the CISO.
- An incident response plan.
- Continuous monitoring or regularly scheduled penetration testing and vulnerability assessments.
- Multi-factor authentication for remote access.
These are just some of the new requirements under these regulations. An FAQ document published by the DFS provides answers to common questions.
New York State also introduced the SHIELD Act in November of 2017. The Stop Hacks and Improve Electronic Data Security Act was a response to the Equifax breach in 2016.
The act requires businesses to enforce “reasonable” safeguards for sensitive data. It applies to any business holding sensitive data about New Yorkers, whether the organization does business in New York or not. The definition of sensitive data is expanded to include username and password combinations, HIPAA-covered data, and more.
Compliance with these NY regulations (and other global cybersecurity regulations) is not an option. Make sure you are aware of the requirements and plan accordingly.
Given the highly sensitive nature of banking mobile and web applications, make sure you have cybersecurity experts on your team or work with someone who does. To read more about cybersecurity trends in financial services, check out this press release from the Financial Services Information Sharing and Analysis Center (FS-ISAC).
Custom versus off-the-shelf solutions
The decision to build a custom mobile or web application or use an off-the-shelf solution is not always an easy one.
With so many banks moving towards digital transformation, a custom banking app is an opportunity for you to differentiate yourself. You can offer services and functionality that may not be readily available in an off-the-shelf solution, such as Fentury from Salt Edge or NAMU.
The benefits of a custom banking application include:
- Better usability—Your users will be evaluating your mobile banking application within the first few seconds of use. Off-the-shelf solutions do not always provide a usable end product given the restrictions on features, layout, and design, and their need to support capabilities that your particular bank may not even have.
- Enhanced security—Security is the highest concern with banking applications. Using an off-the-shelf application means you do not control how it is built. You can’t make sure the code is secure, you don’t get to control the use of additional third-party libraries, and so on. It is possible for security exploits to be introduced to your app without your knowledge. Custom mobile and web application development gives you the opportunity (and responsibility) to ensure that your application has all of the necessary security requirements built in from day one.
- Regulatory compliance—A custom approach allows you to make sure your application abides by all of the financial services cybersecurity regulations that are currently in effect, and the ones that will certainly be coming in the future. The USA Patriot Act and the Federal Financial Institutions Examination Council (FFIEC) security guidance for mobile banking are examples of additional regulations to follow in addition to the ones already covered in this post. Compliance is essential for security purposes and to avoid fines.
- Ownership—You own the source code when you go the custom route, and so you control your own destiny. You can make updates and correct issues as needed, rather than waiting for an outside party to make changes.
- No fees or restrictions—Off-the-shelf applications often have usage fees, licensing structures, terms of service, and bandwidth caps. These costs take away from your profit, and some of these restrictions may inhibit the functionality and performance of your banking application. Like renting versus owning a home, it’s cheaper at the outset to use a third-party product, but over time you will have paid far more than it would have cost to build your own.
If you do consider an off-the-shelf solution, keep these questions in mind:
- How much will it cost?
- Does it provide all of the features and functionality that are required?
- How much will you need to customize the application?
- How long will it take to customize?
- How are upgrades and maintenance handled?
- How secure is it?
Check out one of our recent posts for additional guidance on how to make the right decision between a custom and off-the-shelf solution.
The future of banking technology is here, and the bigger players in the banking and financial services firms are well on their way to offering the latest innovations to their customers. We want the smaller players to benefit from these technologies, too.
The choice between a custom app and an off-the-shelf solution really comes down to how much you want to stand out. A custom approach is a smart investment for banks and financial services firms as a means to set yourself apart from the competition and offer the latest in banking technology.