This post was originally published on Bianca's Linkedin on June 1st. You can follow her here. P.S. Heading to #Finovate? See you there.
Banks have historically purchased software in pieces, silos.
Why? It is a result of client type, or channel specific requirements. This resulted in large technology providers; such as IBM, to build a client executive strategy, focused on a specific set of products.
Let me share an example:
Say you're a technologist with a budget. You focus on risk and fraud, and you have an account executive and they would learn your line of business. Your requirements, your needs, ultimately, your silo. They would implement a specific risk product and professional services that went with it. But, in order to do so, layered on top would be a specific integration, essentially a set of handcuffs to the technology.
This was okay at the time because client journeys and experiences weren't changing at the rapid pace they are now. Nothing other than the advance of the internet, followed mobile apps really forced banks and large technology providers to rethink their monopoly and silo approach to business.
News Flash: Times Have Changed
The speed in which customers not only demand service/instant answers and customized offerings is continuously progressing. It's insane to think my Instagram app has better recommendations based on pattern and regression models than my banker has ever been able to give me for financial advice.
Now that customers are demanding better service and a customized experience, how are banks to keep on track and change with pace? How are they going to deal with FinTech and social networks, or Amazon trying to steal their clients? Will the notion of "trust" be enough?
So how will banks keep up with the change? What product choices do they have to make in order to adapt and change at the same speed in order to stay relevant?
As a technology company trying to sell into banks (which is no small task) I am continuously trying to place myself in their shoes, to understand what and how we can enable them to rethink their business models. What have I come up with? Identity.
"That's the currency," as David Birch says.
The path to not only rebuild what could be the new payments rail. But, what many people don't realize is that identity is also a data re-aggregation tool.
Think About It.
Historically, banks purchased different pieces of software to perform specific functions that each at its genesis build a "client profile" -- Essentially each one creating another "Bianca's identity" over time, and these records are the so called tremendous amounts of data that the banks have today. But, the issue is that all this data lives in disaggregated silos. The bank cannot join and make sense of the 7-14 "Bianca's" they have on file. There is no way to fully understand a customer, to better offer a bundled service.
Here is a real life example of what happened to me:
My bank pre-approved me for a mortgage in private banking. Then, roughly a few months later, the apartment building was completed and I called to check what remaining paperwork the bank required for me to proceed with occupancy. I received an email back saying, "We don't have this approval." I then had to send them not only their own pre-approval letter, but was forced to go through the entire mortgage process again. Why did this happen? Because the bank had changed systems and lost the original record of approval.
I'm sure I'm not the only one with this kind of story. And this isn't my worst banking story, it's just the easiest to get out in 4 sentences!
It also isn't just an issue for the customers like me, think back to 2012 when outdated IT systems resulted in inappropriate tools being used for a mission-critical process. It costed JP Morgan $6.2 billion, and The Royal Bank of Scotland millions in fines when their system crashed, locking customers out of their accounts. Long story short, the legacy system spectre will continue to haunt financial institutions with the looming danger of an outage, a critical limitation or, perhaps worst of all, a rigid foundation that will prevent them from iterating over time and meeting modern customer expectations.
But, back to my main point -- how can identity enable banks to better identify, better understand and better predict their clients?
Banks need to rebuild on top of existing infrastructure, centralizing the one thing that could live as an abstraction layer between the old and the new. Don't worry, it's simpler than it sounds. Look at Walgreen's and what they did with photo booth printing in stores -- it's brilliant. They used an old asset, abstracted the interaction and made it frictionless for the end client by exposing API's in a centralized fashion.
How Can This Translate to Identity?
Most of you by know know that here at BioConnect we have built a platform for authentication and biometrics; where there is only one Bianca, where what makes Bianca unique are all the things that are unique to her; the things she touches, owns and accesses.
This centralized identity lives in between the old enterprise stack and the new innovations and products that will use this the technology for identification and authentication. It will enable the identity of the user to be the variable where the context data gets attached to; the audit logs, the history -- so that no one forgets that Bianca was pre-approved for her mortgage -- even if it is an old system.
How? Simple, using the API call to access that old system with the identity token of Bianca which logged that history and data in a centrally unified fashion.
This allows for innovation of just about everything as identity becomes the dynamic brain for authentication of modular platforms.
So, let's think about how this platform can become the engine behind what makes identity really powerful.
Think of a customizable, dynamic brain that can decided if you are you, or not. Like when you call a friend or your parents and they (without checking Caller ID) automatically know who you are... A way for machines to react differently, just like humans do, depending on the context of the situation. Offering modular variables for the enterprise human to decide where they place their acceptance or challenge.
For example: if I work on the security team for an enterprise and based on research and known facts I know where the location of most fraud for my customers originates. I would take this opportunity to place a heavier weight on authentication in that location versus a different location. Depending on the known information I could even decide which cell phone brand (Device ID) for which most fraud occurs and apply the same challenge settings.
The example above offers bare minimum variables to get the point across but think of numerous variables that the bank could utilize; the channel, product owners, customers, transaction amounts, geography, frequency, device, time, patterns of access, etc. Essentially a variable is granted a weight that can change; whether it learns overtime or is manually adjusted based on the situation.
So now, imagine the enterprise being able to decide that all email money transfers done on Samsung Galaxy's in Toronto, Ontario on Sunday at 2am are really risky (because they can see the historical bank data suggesting so). Anyone who meets the above criteria are going to perform transactions that will be considered risky, even if they are not. Now, the bank could select the risk variables and the platform allows them to attach one or a combination of authentication methods that customers have registered in the central system to secure said transactions.
The key here is that the product or channel owner in the enterprise can also decide on the combination of available variables, taking into consideration their own desired product results and create the best authentication experience for their customers.
The future is enabling the enterprise and their customers to understand this isn't just about authentication methods or biometrics. It is about data becoming a currency, and identity as the token to provide better accessibility to services. So, maybe banks can start to build on top of their current silo structure. It would be a good way to start migrating to new technology with the end goal of disconnecting entirely.
These are my thoughts, what do you think?