Analyst urges Canadian banks to beef up online security

TORONTO – Canadian banks need to convince their customers that paying bills online is safe by deploying two-factor authentication if they want them to embrace other Web-based services, executives said at an Epost event Thursday.

An analyst from Cambridge, Mass.-based Forrester Research offered a sneak peak at an upcoming study of the North American financial services market, with a particular emphasis on Canada’s progress in the e-billing payment and presentment (EBPP) space. Acording to Forrester’s projections, 56 per cent of the population will be paying bills online by 2009. This is good news for Epost, a venture backed by Canada Post which allows the customers of utilities, banks and other companies (or “mailers”) to pay their bills through its Web-based service.

Catherine Graeber, vice-president of Forrester’s Financial Services Group, said that while Canada has been an EBPP leader to date, there are still considerable impediments to further market growth. Chief among these are security fears around phishing schemes and privacy, she said. Some hold out because they are more comfortable writing cheques or arranging automatic withdrawals, while others mistakenly believe EBPP will involve another monthly fee.

“These concerns may never fully go away, but you need to move consumers through the concerns and into adoption,” Graeber told the audience, which included a variety of Epost’s banking and other customers.

Although 64 per cent of those Forrester surveyed said they were satisfied with their e-billing service, P2P transfers and transactions between financial institutions rated relatively low, at 35 per cent and 32 per cent, respectively. At least 75 per cent of respondents said they were concerned about phishing schemes, and 19 per cent said those fears would stop them from applying online for any kind of banking service.

Graeber noted that 62 per cent of those same respondents said they had not looked at content about online fraud on their bank’s Web site within the last year, if they had done so at all. “I was kind of dismayed at only 38 per cent were actually taking advantage of this education,” she said. “We couldn’t quite figure that out.”

Two-factor encryption refers to something the user knows, like a password, and something the user has, like a digital signature or security token. While Bank of America has already made its SiteKey single sign-on mandatory for online users, Graeber said companies like E*Trade have struggled with the use of security tokens which are offered to their best customers.

Canada’s EBPP scene was originally made up of several players, including Epost, E-Route/Webdox and companies like banks that wanted to provide their own one-stop e-billing service. That changed in 2004, when Epost bought E-Route. Before that merger, each firm had about 1.3 million registered users, according to Epost president Roger Couldrey.

“Growth was very slow in the early years,” Couldrey said. “For those of us with a vested interest in the service, it was almost glacial.”

After a year spent integrating the two platforms, he said the combined number had grown to almost three million registrants. Epost has also seen a 70 per cent growth in transaction rates, Couldrey said.

EBPP is seen as a way of retaining customers in the United States, where churn is a greater concern, said Stephanie Smith, senior vice-president, Consumer Online Banking at Wells Fargo, who also spoke at the event. Based on data from last November, Smith said 55 million customers used Wells Fargo’s Web site for transactions such as EBPP, compared with 30 million who opted for in-branch visits and 20 million who dealt with the bank by phone.

“Beyond the cost reductions associated with not having to produce a paper statement and mail it, the value was really in the deepening of the relationship with the bank,” Smith said. EBPP users, she said, tended to use the site for other services, including transfers, loan applications and the storage of online statements. That’s part of the reason why Wells Fargo integrated its EBPP platform directly into a customized service called MySpending Report, which processes nightly batch jobs to produce a tally of what customers spend on restaurants, at retail as well as on their bills.

Comment: info@itbusiness.ca

Share on LinkedIn Share with Google+