It’s been so crazy around here that I plumb forgot to talk about one of the more nerve-wracking announcements of the last couple of months – namely Bank of America’s plan to begin two-way text banking in the second half of next year.
#mobile #compliance #ElectronicRecordsManagement #e-banking
Why is this unnerving? Because it raises all kinds of new questions about security and privacy protection – questions that already are top-of-mind (or should be) following the company’s new venture (with Verizon, AT&T, T-Mobile, Discover, and Barclaycard) to let customers make purchases with their phones, rather than credit or debit cards. Both are nice ideas in practice, but they are scary to contemplate given how prone to loss, malfunction, and physical abuse these devices are.
BoA is smart to adopt texting because so many more people have text-capable phones than smartphones, the latter of which previously have been necessary to do mobile banking. But customers should be wary because the medium isn’t inherently secure and some of the common ‘protections’ only go so far – for instance, though the use of customer-assigned nicknames as account-number surrogates affords the same protection as a password on a PC, most passwords are simple to figure out (and/or are openly stored on the machine itself), and the PC at least tends to stay at home!
Mobile phones, on the other hand, are, well, mobile … by definition and design, they travel. They are sometimes loaned, and on more than a few occasions, they are lost. I don’t know about you, but I’m fairly sure I don’t want my banking portal to be just a tap and a few textstrokes away from anyone who uses my phone (licitly or otherwise) – any more than I want my medical records to live that close to the surface on my doctor’s PDA or iPhone.
Compliance executives at BoA and myriad other banks engaged in such schemes must be losing their hair over the need to safeguard their customers’ transactions. At least, I hope they are – and even if so, I can’t help but feel it’s only a matter of time before we pull back from the so-called ‘convenience’ of being able to bank from anywhere there’s a cell signal in favor of just a little security.
And that’s a retreat I’m prepared to lead.
Are you with me? Think I'm all wet? Work for an organization wrestling with this very issue? Then comment here and/or drop me an email and let us know what you think! And if you haven't already, be sure to sign up to join Weissman’s World – it's FREE, and we've got a special limited time no-cost offer going on for several "Key Questions" guides for imaging, SharePoint, and vendor selection. See the details and c'mon along – see you there!