PayPal offers “eCommerce Safety Guide”

Paypal_ecommerce_guide_click_to_enlarge_1 PayPal’s state-of-the-art Security Center has a new educational piece, the 20-page eCommerce Safety Guide (download 1MB file).

The handbook covers three areas:
– safe online shopping
– preventing identity theft
– phishing and spoofing

Naturally, it concludes with a section promoting PayPal and eBay as safe methods of buying online.

The booklet, authored by Robert Chesnut, eBay VP of Trust and Safety, uses Gartner and Javelin Strategy for its identity theft data.

Analysis
Financial institutions looking to increase their educational efforts should consider posting a similar booklet, explaining the protection afforded by bank products. Total readership may not be high, but it demonstrates a commitment to the customer in an area of high anxiety these days. It would be an excellent summer intern project.

To learn more about how to promote online security and peace of mind to your customers, check out Marketing Security: The sensitive issue of publicizing security and authorization enhancements from our sister publication, the Online Banking Report.

Pay Your Better Business Bureau Dues!

We like the idea of posting selected third-party endorsements on your website, for example, FDIC, Better Business Bureau, VeriSign and so forth. However, make sure you don't let your membership expire, otherwise you get a very bad result.

Bbb_expired_click_to_enlargeIn reviewing the eSmartLoan website, purchased last month by Capital One (see Jan 20 post), we clicked on the Better Business Bureau logo on its home page and were greeted by a pop-up explaining that the company was no longer a member, either because they failed to pay their dues or failed to comply with BBB policies.

Ouch!

JB

Online Home Equity Lending to Heat Up

Capital One Financial‘s purchase of online home-equity lender eSmartLoan for $155 million on December 14 (press release), should increase the level of innovation in this market in the coming years.

eSmartLoan originated about 12,000 home equity loans in 2004, totaling more than $1 billion, just two-tenths of 1% of the national total of $431 billion according to SMR Research Corp. The 2004 total was up more than $100 billion (35%) from the $320 billion in home-equity loans were originated. 

Under its previous owner, National Bank of Kansas City, the online lender was willing to lend up to 125% of the home equity (LTV).

If you’d like to learn more about the how to optimize online lending, check out the latest report on the subject from our sister publication, the Online Banking Report.

New and Improved Login at Nationwide Building Society

Nationwide_login_1 UK’s Nationwide Building Society has implemented a system that should defeat most phishing and keylogging attacks. After entering their customer number (which can be saved on the computer), users must complete two more fields:

  1. Any one of three previously registered "memorable" data
  2. Using drop-down boxes, select three randomly selected digits from their six-digit passcode

Users probably don’t much like the changes at first, but it won’t take long before it’s routine, especially since users can select their own six-digit passcode.

Analysis
This system eliminates three problems:
– Those who use the same username/password from other sites
– Users with very easy-to-guess passwords such as their spouse’s name
– Keyloggers who capture typed username/passwords

To learn more about how to promote online security and peace of mind, check out Marketing Security: The sensitive issue of publicizing security and authorization enhancements from our sister publication, the Online Banking Report.

Making Online Banking Fun

Is banking ever fun? Not really. The best you can hope for is that it’s "pleasant."

How about online banking? It might have been classified as fun the first couple times you tried it, but it’s not fun anymore unless you happen to have lots of money piling up in your account.

Is it possible to keep it fun? Yes, but you’ll have to continuously innovate. As Seth Godin points out in Free Prize Inside: The Next BIG Marketing Idea, "The price of WOW keeps rising." In other words, what impressed your customers today, no longer impresses them tomorrow.

One innovation that we’d like to see more widely used is rewards programs for online delivery. It doesn’t have to be as expensive as frequent flier programs, more like the free Cokes you can win from time-to-time under the bottle cap.

Examples
1. ING Direct has a monthly raffle for its customers who have opted to receive email statements (which automatically shuts off the paper). Every quarter one of its 2 million customers wins a plasma TV, another wins a laptop, and a third wins a digital camera or portable DVD player. The total prize pool is about $5,000 per quarter, which amounts to one cent per customer per year, less than 1/500 of the cost of mailing a monthly statement.

2. PFF Bank & Trust (Pomona, CA) is running a bill payment usage sweeps during the first three months of the year. The promotion is advertised with eye-Pff_sweeps_1 catching graphics on its home page. Every time a customer pays a bill they are entered into the sweepstakes for a cool electronic "toy," January is the iPod (of course), February is a digital camera and printer, and March is a 19" LCD television. The total prize pool is just $2000 for the entire promotion.

JB

Baseline Online Broadband Usage Statistics

Here are the Yankee Group’s baseline PC and online usage forecast, as cited by The Seattle Times today:

2003: 112 mil US HHs >>> 74 mil online >>> 30% broadband
2004: 113 mil US HHs >>> 78 mil online >>> 38% broadband
2005: 114 mil US HHs >>> 80 mil online >>> 45% broadband
2006: 115 mil US HHs >>> 81 mil online >>> 52% broadband
2007: 116 mil US HHs >>> 83 mil online >>> 58% broadband
2008: 117 mil US HHs >>> 84 mil online >>> 63% broadband

How to read: In 2003, 74 million of the total 112 million U.S. households went online through their home computers; 30% (22 million) of those going online use a broadband connection, the remainder (52 million) use a dial-up connection.

See Online Banking Report (#114) for the corresponding online banking forecast.

JB

Branchless Banks now Hold 2% of U.S. Retail Deposits

The Wall Street Journal published a story today that marks the growing importance of branchless online banks, Online Banks are Boosting Yields. Our sister publication, Online Banking Report, was the source for the article’s market statistics on branchless banks, which have developed a small, but significant following around the world.

In the United States, there are several dozen branchless banks, but more than three-quarters of the total branchless bank deposits are held by two banks, ING Direct and E*Trade Bank. Total branchless bank* deposits in Q3 2004 were about $65 billion, or 1% of all U.S. deposits, or about 2% of all deposits under $100,000. See below for more specific details.    

Branchless Bank Deposits
As of Sept 30, 2004, the deposit totals of the major branchless banks are as follows:

ING Direct       $26 billion in 1.9 million accounts ($14,000/acct)
E*Trade Bank  $23 bil in 2.3 million accounts ($10,000/acct)
NetBank          $2.7 bil in 200,000 accounts ($14,000/acct)
Everbank         $2.3 bil in 370,000 accounts ($6,200/acct)
All the rest      $5 to $10 billion total
————————————–
Total               $60 to $65 billion

Total US Deposits
The total amount of deposits held in U.S. commercial banks on 9/30/04 was $6.4 trillion including retail and commercial deposits.

If you look only at deposits of $100,000 or less (a proxy for retail deposits), total deposits were $3.7 trillion.

Branchless Bank Deposit Market Share
Branchless banks hold about 1% of all U.S. deposits ($65/$6400).

Looking at just deposits under $100k, branchless banks hold just under a 2% share ($65/$3700), actually 1.8% if you want to be more precise.

Source: FDIC

What it Means
It’s not as big of a splash as Amazon made in books, but it’s a solid start for an niche about 7 years old (Netbank started in 1997). I expect it will continue to grow 25% to 35% per year for the rest of the decade, eg, doubling the branchless banking deposit base every 2 to 3 years.   

*We define "branchless bank" as a separately branded insured depository institution that derives the majority of its business through direct methods (mail, phone, online) with minimal brick and mortar presence. We are excluding direct banking units operating under lending or insurance brands such as Principal Bank, State Farm Bank, IndyMac, MBNA, and so on.

JB

FDIC Recommends Two-Factor Bank Authentication

Now that the FDIC has officially come out in favor of two-factor authentication, it’s only a matter of time before every major bank has upgraded their login procedures.

According to a Dec. 24 New York Times article, E*Trade Bank will be the first US bank offering two-factor authentication for retail customers. They are expected to use a token system similar to that used by AOL and several international banks including ABN Amro, Credit Suisse, Rabobank, and First National Bank (South Africa), winner of Online Banking Report’s Best of the Web in November.

E*Trade’s system is expected in Q1 2005 and will be optional for the customer. It’s already in testing with 200 customers.

US Bank is also said to be testing a token system from Verisign.

Analysis: A simpler solution needed for the mass market
We commend these banks for doing something to reassure frightened users. According to Forrester, 26% of online users have not applied online for a financial product due to phishing fears and 14% have stopped paying bills or banking online. Finally 20% have stopped opening emails from their financial providers.

However, a hardware token is overkill for most retail users. It requires ongoing maintenance expenses, tech support, and is a logistical headache for the end user. It’s kind of like a car alarm. They make sense if you live in a high-crime area, but mostly they are just a nuisance.

Luckily, there are simpler choices on the way. Just yesterday, an interesting company was profiled in The Seattle Times, BioPassword. Its software records the unique typing patter of the end-user and will keep out anyone else attempting to type the user’s password. At a recent conference, the company offered up to $100,000 to anyone who could successfully login to its account, even after they’d been told what the password was. Not one of 1200 attempts was successful.

Entrust_identity_guardAnother interesting alternative to tokens is Entrust’s IdentityGuard which Forrester analyst Jonathon Penn raved about in a November 19, 2004 research note. The EntrusEntrust_identity_guard_2_2t solution is a low-tech version of the token, using a paper-based "bingo card" users are asked to enter digits from certain rows/columns of the card (see card right).

Another solution receiving a lot of attention, partly because ex-Intuit CEO Bill Harris is founder, is PassMark. The company touts its "2×2 factor" program that authenticates users to the bank and the bank to the user. The latter is done via visual aid, hence the company name. They also have an excellent easy-to-digest demo.

JB

Citibank’s iPod Offer — Too Much of a Good Thing?

Citi_ipodForget about toasters.

Citibank is handing out iPod minis to new online banking customers provided they fund their new checking accounts with at least $2500 and pay at least two bills per month for a year.

Analysis
This raises the ante for online account acquisition. It's a pricey premium, even for Citibank, which has long been aggressive at its website, giving away eye-catching premiums such as DVD players or $100 cash.

There is no doubt that giving away the ultra-hot iPod mini will drive new accounts. But it may be over the top for a checking account offer, even by Manhattan standards.

How many 20- and 30-somethings will game the system just to qualify for the iPod? An even bigger concern is existing customers closing their accounts and reopening online in order to pick up an iPod.

But Citi knows what it is doing, and they must figure the new accounts, along with the publicity, makes the risk worthwhile. It will be interesting to see what this book of accounts looks like a year or two from now.

We think most financial institutions, at least those outside the NYC metro area, should keep premiums in the $50 to $75 range. It's enough to generate interest and applications, but not enough to create a buzz at FatWallet with people virtually salivating at the prospect of picking up low-cost iPod at the expense of a huge bank.

Aside: Kudos to Citi for posting a link to the Red Cross for tsunami relief.

If you'd like to learn more about the financial interactive marketing efforts, check out the Interactive Financial Marketing Database from our sister publication, the Online Banking Report.

Secure Bank Message Area Grows in Importance

One way around the rapidly declining effectiveness of email communications is to prominently post new messages within the secure online banking area. Not only is it useful to create an archive of bank communications, it also provides reassurance that no message(s) have been missed.

Ebay recently added this capability to its the My eBay platform, where users can login to track account activity. Ebay keeps messages for 60 days. Financial institutions should allow storage for far longer, one year at least.

Because bank messages are often time sensitive, you should also send the message, or a message notification to the user’s standard email account. Better yet, allow users to receive message notifications at multiple email accounts, therefore increasing the chances that one will go through.

Action Item
Many banks already have this capability, but it may be overlooked by customers, as they have become accustomed to receiving messages over the Internet.

Now would be a good time to remind customers to look in their message folder periodically. You might run a sweepstakes or treasure hunt that requires looking into message folders to win.

If you’d like to learn more about the future of online bank messaging, check out the Online Banking & Bill Pay Forecast: Current, future and historical usage: 1994 to 2016 from our sister publication, The Online Banking Report.

How to Make Your Online Banking Customers Feel Secure

Link: Citizens Bank.

Most banks could help their customers increase their comfort level with online banking by doing four relatively simple things:

  1. Greet customers by name before logging in, so that users know they have arrived at the correct site.
  2. Post a prominent link to an online security area.
  3. Post an understandable discussion of the customer’s liability for unauthorized electronic withdrawals, preferable with a "guarantee" of zero liability if promptly reported.
  4. Provide hotline phone numbers and email addresses for reporting suspected fraud.

Citizens Bank, the U.S. division of Royal Bank of Scotland, does a good job with points 2 through 4.

Citizens_fraud_center A catchy homepage graphic for its "Online Fraud Prevention Center" directs users into a thorough discussion of online fraud and prevention techniques.

The bank’s Online Guarantee is highlighted with a graphic image and Citizens_onlineguarantee_logoa phone number and special email address, prevention@citizensbank.com are also included.

Finally, copy writing is user-friendly and links to third-party resources, such as the National Cyber Security Alliance, round out the section.

To learn more about how to promote online security and peace of mind, check out Marketing Security: The sensitive issue of publicizing security and authorization enhancements from our sister publication, the Online Banking Report.

Where’s the Holiday Bank Marketing?

These days most major online retailers and consumer sites dress up their websites for the holidays.

Unless, they are bank sites.

Each year we surf major banks looking for holiday happenings. We were surprised again this year to find little creativity on bank home pages. On Dec. 21, none of the largest 30 banks in the U.S. had a major holiday theme running.

Two banks, National City (#11) and LaSalle (#15) were running prepaid gift card banners. And two others were running small holiday-themed promotions running, AmSouth Bank (#27) and PNC (#20).

PNC is running a tongue-in-cheek look at the cost of purchasing the items in the popular holiday song, The Twelve Days of Christmas. This year the total cost was $17,300, up 2.4% since last year. The bank has been tracking the cost for 20 years and provides a long-term look at the price increases. It’s very clever, providing valuable publicity and a positive impression of the bank.

AmSouth Bank has an interesting holiday promotion, one that ties directly to online banking a bill payment. Website users can personalize a holiday greeting card and send it to anyone with an email address. Users are encouraged, but NOT required, to use the cards as a notification of a check being sent through AmSouth’s bill payment system. The default "personal" message even says:

A monetary gift is being sent through AmSouth Bank, please look for it in your mail in the next 7 days.

Greeting card users do NOT have to be bank customers. AmSouth doesn’t say whether it is capturing email addresses. We would have to assume not.

Action Items

Add a holiday promotion for your 2005 marketing plan. It’s a great way to jazz up your website for the holidays and you can include a sales promotion at the same time, especially for prepaid cards or gift checks.

JB

—————————————————-

If you’d like to learn more about the financial interactive marketing efforts, check out the Interactive Financial Marketing Database from our sister publication, the Online Banking Report.