IT has extended the business of banking to every conceivable channel be it
Internet, ATMs, mobiles and now even trains! Soon you would be spared the pain
of safekeeping multiple PINs and passwords through Biometrics. All this comes
with its own set of challenges. Read on to find out about those challenges, and
how banks are finding innovative ways to resolve them
Given the frenetic pace of life, we're all hard-pressed for time and energy
to take care of our critical tasks. And most of these inevitably require
transacting money in one form or the other. A growing economy and the associated
perils of inflation together ensure that banking and financial transactions
increase in volumes with each passing day. Just do a quick rehash of where you
depend on banks to fulfill daily needs and you'll know. Cash withdrawals or
deposits, utility bills (electricity, mobiles, landlines), corporation taxes,
income-tax, advance tax, transfer of funds across accounts, fixed deposits,
share trading and so on. How do you take time off your busy professional
schedule to visit the bank and carry these out? Thankfully, it's the other way
round. The trend among banks and financial services companies has been to
leverage IT to go to their customers instead of the other way around. That's why
one can see banks introducing so many channels for reaching out to their
customers, like phone banking, SMS banking, online banking, ATMs, credit cards,
debit cards and so on.
This sounds really impressive because banks have to use IT extensively to
make it happen. But, it comes with its own set of challenges, which the CIOs of
banks have to cope up with. One key concern is ensuring security of all these
channels. More channels means more number of ports opening up. Plus, the
security of transactions through these channels also has to be ensured. The
other key challenge is integration of various applications and their data. Every
bank today is trying to offer a host of services to customers. So apart from
bank accounts, a bank today also offers loans, investment options, credit cards,
etc. There are high chances that some of the customers are common across these
applications. However, since these applications have grown separately,
integrating them together to offer cross sell opportunities is a major
challenge. It's a real challenge in front of banks to utilize information
generated through one application for servicing the same customer for another
application. Simply count the number of times you get calls from the same bank,
each time trying to sell some product/service or the other but completely
oblivious of the fact that you might already be their existing customer and
therefore would expect the caller to have done his homework properly and not
bother you for basic information such as address, email, age, etc.
Sadly, this is seldom the case and more often than not you have to bear
unwarranted calls from one bank or the other. So, clearly banks have a challenge
here. To integrate data across different banking applications so that agents
manning various bank channels know before hand whether a customer they're
calling is already a customer or not.
Another challenge before banks is to tap the vast market of rural customers.
In fact, this is one area that remains neglected because of inadequate civic and
telecom infrastructure. May be it is time for banks to go beyond traditional
solutions and look at some of innovative ones. One such alternative is the use
biometric technologies in offering banking services to far-flung areas. In this
story we explore the solutions to all these challenges and see what Indian banks
have already done to alleviate those.
ATMs: A quick rewind HSBC introduced the first ATM in India in |
Where IT comes to the rescue
For a start, banks need to have centralized infrastructure not only for
their branches but also for the different channels. This would ensure common
access to customer information for users across different channels. The same
pool of information could be used to solicit new products and services to old
and new customers alike and at the same time provide an efficient management
information system (MIS) to the sales teams to generate leads from.
One strong solution to such integration challenges can be SOA or Services
Oriented Architecture. It could help banks ensure that their various
applications are able to connect with each other without writing any proprietary
code, or tampering with the individual databases. There's tremendous scope for
banks to utilize SOA for this job. In fact, it could even be used to integrate
their banking applications with the various communication channels.
On the security front, there are several solutions being worked out by banks.
One of course would be to deploy a complete information security solution that
is able to secure all applications and channels of entry. As an example of how
security across various channels can be enhanced, let's take a quick peek at how
SMS banking can be used to make and receive payments from third parties such as
merchant establishments.
A buyer sends a message for buying and the bank in turn sends a message
confirming the purchase to both the merchant as well as the buyer. Debit card
number is the key field which is used for the authenticity of the customer.
Security for transactions taking place through this channel is ensured in two
stages. First your mobile number is authenticated by the bank through the use of
authentication keys. Next, a customer enters a secret Mobile Personal
Identification Number (MPIN). This needs to be again authenticated by the bank.
As an enhanced security measure, access is denied after three invalid login
attempts.
A case for biometric authentication
The banking sector has been very lousy in adopting biometrics for the mass
consumer, as people used to perceive sharing details of their anatomies as
analogous to criminal investigation. But with a lot of thought being given to
innovation throughout the BFS, the technology is finding many takers now.
However, in rural areas, with literacy rates still below acceptable levels,
people have been pragmatic toward this technology. We believe anything that
makes for a simpler interface and saves you from the hassles of maintaining
mu`ltiple passwords or PINs is a welcome step. It is after all an automated
technique for establishing identity through unique physiological or behavioral
characteristics.
Finger scanning is still the most popular application of biometrics in
automated teller machines. By plugging a portable scanning device into the back
of the ATM, any ATM machine can be enhanced to offer this functionality. This
machine in turn connects to the bank's server, which authenticates the visitor
by comparing with stored records. It's an unequivocal way of establishing the
identity of the person and one that can't be breached by intruders. And not just
ATMs, biometrics can also be used to restrict access to sensitive areas in banks
such as locker rooms and data centers.
What makes a biometric trait stand apart is that it is as unique as the
individual from whom it was created. So unlike a password or PIN, a biometric
trait cannot be lost, stolen, or recreated. This makes the use of biometrics a
sure enough remedy to prevent identity theft, a problem that is mushrooming
alongside databases of personal information. In fact, some of the channels for
monetary transactions such as credit cards are a very good candidate for
application of biometrics on the consumer side. More so, as they get smarter and
develop capabilities to store more and more personal details on an RFID chip.
Apart from the account information and other personal details, information
pertaining to the biometric traits of an individual can also be bolted inside.
Technology experts aver that a digital fingerprint will eventually prove cheaper
to incorporate for banks than any of the keyboard-based encrypted solutions as
the biggest issue with PIN based access remains its vulnerability to hackers
after it has been keyed in by the user and before it gets to the card reader.
We regularly do
How would you rate the adoption of IT by your bank and what What steps have you taken to How do you alleviate security How do you plan to expand your |
Beyond finger scans
Finger-based scans are just one of the multitude of options that biometrics
based authentication technologies offer. There are other options such as
matching hand geometry to retina scans to iris scans and so on. Authentication
can also be done based on quasi-behavioral attributes such as a person's voice,
handwriting, etc. Yet another is facial recognition, where a person's face is
stored digitally and for each transaction, the live image of the person is
compared to the one stored in the database and co-related to his account number.
Hand geometry based systems are not easy to implement though as their parameters
change with external factors such as weather conditions, cleanliness of hands,
etc. Likewise, retina scans need perfect alignment of the eye to reach the
retina at the back of the eye; a time consuming activity in populated areas.
Iris scans are marginally better as they do not require contact between the
customer's eye and the biometric device to correlate the eye's colored area (ie,
the iris). Voice recognition at present seems the easiest of all biometric
techniques as voice can even be authenticated sitting at home through your
phone. A survey conducted backs this claims saying that 95% of consumers prefer
voice verification compared with the 80% that are willing to accept fingerprint
scans. As mentioned earlier, voice even works remotely (by phone) whereas
consumer's need to install special fingerprint readers at their premises to be
able to get themselves authenticated online. But before this all is well
accepted and practiced, technical standards need to be established so that
biometrics work universally. Work is in progress with a lot of ATM vendors
pitching in with their devices, and we expect some action sooner than later in
this space.
Biometric banking@Canara Bank Last month, a village near |
Micro-banking in rural areas
We have seen how biometric authentication can provide a secure and remotely
accessible channel for bank customers and how it can come in handy for banks
while servicing rural populace. Let's now look at some other initiatives taken
by banks for the rural sector. Rural banking is one area where political
pressures play their part. One significant challenge for banks while providing
services to rural customers is the change in government policies for
agriculturists and the related thrust on farm credit. However, technologically
their efforts depend on the availability of telecom infrastructure. The silver
lining here is the continued downward spiral in the prices of telecom products
over the past few years. This trend is likely to continue and is in alignment
with the increasing demand for networking backbone. This is great news for all
customers, more so banks who are always large consumers of bandwidth. The
reduced bandwidth costs mean that banks can get their far-flung branches
networked at far lower costs than was the case earlier. This would also create
redundancy and in turn greater resilience for their networks.
A biometric-enabled RFID smartcard containing fingerprint scans communicates with the mobile phone at the bank using 'Near Field Communication' |
A combination of two technologies — RFID and Near Field Communication (NFC) —
is all set to enable the rural population of the country to perform essential
banking transactions. NXP Semiconductors, founded by Philips, that co-invented
the NFC technology has partnered with A Little World, inventors of a mobile
platform for inclusive banking, have tried the concept of micro-banking in over
450 villages across four states of the country. The technology involves setting
up of Customer Service Points equipped with state-of-the-art mobile phones that
support NFC. Each villager who is an account holder, will be given a
biometric-enabled RFID smartcard, which will communicate with the mobile phone
at the Customer Service Point. The smartcard essentially contains information
about identity of the customer such as name, address, photograph, fingerprint
templates and relevant details of the savings or loan accounts held by the
issuing bank. NFC, being a short-range wireless connectivity technology enables
secure exchange of data between two devices, by just placing them together,
pretty much like how Bluetooth functions. Since NFC effectively combines
contactless identification and networking technologies, it can communicate
between an RFID card and an NFC mobile phone, or if required, between two NFC
devices. Currently, the NFC-enabled mobile phones used in this project are
sourced from Motorola and Nokia.
The NFC works on the concept of magnetic field induction, and operates within
the unlicensed radio frequency band of 13.56MHz. Speeds can vary between 106
Kbit/s, 212 Kbit/s and 424 Kbit/s. It is an open platform technology
standardized in ECMA-340 and operates with both the 'active' and 'passive' modes
of RFID. During its pilot run, Uttarakhand, Mizoram, Meghalaya and Andhra
Pradesh have been covered, and banks like State bank of India, Union Bank, Axis
Bank, Andhra bank and the Andhra Pradesh Grameen Bank have collaborated with the
project. In the Warangal district of AP, social security pensioners were given
their payments using Micro-banking, and in places like Aizwal in Mizoram and
Pithoragarh in Uttarakhand, the project introduced the concept of banking, since
these areas have never had a bank before. Interestingly, the RFID cards used for
the initiative were tailored around a completely different application. These
cards are currently used in about 35 countries including Singapore, the US, and
the UK, on their newly issued e-passports. The RFID chips are embedded in the
passports, and are aimed at reducing paperwork and making the passport data
tamper-proof. For the NFC initiative however, it is designed to eliminate the
cost and effort to set up physical branches in rural areas, and providing
services ranging from cash deposits, cash withdrawals, utility payments, and
money transfers.
Increasing IT Orientation of the Indian Parishesh Mishra and Arpan Gupta, With the entry of large foreign |
Passengers, Goods and... ATMs on Trains
You've seen mobile ATM vans across cities and rural areas. But how about
ATMs on railways---the ultimate mobility solution. Close on the heels of setting
up of ATMs on railway platforms, the government has given permission to banks to
set up ATMs on trains! And why not, with the progress in telecommunications such
as improved VSAT and microwave links, technology has become a key enabler for
setting this infrastructure. Right now, there are more than 1800 ATMs on railway
platforms across India. Most of these are placed in the bigger and more popular
stations in metros, which is logical as these stations see enormous number of
passengers commuting on a daily basis. Having ATMs on trains would help
passengers coming from the smaller cities and towns, where the infrastructure to
establish ATMs or other such mobile banking solutions is either simply
non-existent or proves pretty expensive. Plus, there are security concerns. In
fact, a long-distance train could act as the fastest and longest mobile carrier
of ATMs across this vast country. This would also ensure safety of passengers as
they need not carry large sums of cash during journey. Instead they can withdraw
money as and when required. This facility can further be enhanced by installing
e-ticketing kiosks alongside the ATMs. This means a passenger can withdraw money
and buy rail tickets at the same place!
In rural areas we plan to move to banking through mobile sets, as mobile penetration is good
Being the largest bank in the country what |