Yesterday, I was chatting with Jelmer de Jong and Jouk Pleiter from Backbase about their three levels of website security (see note 1). But since I just finished Dan Brown’s latest book, Inferno, which uses symbolism from Dante’s Inferno, I couldn’t resist expanding from three levels to the nine used by Dante Alighieri (circa 1320).
So with apologies to Dante, I bring you digital banking’s Nine Circles of Security. The layers are built around the idea that various digital activities require increasing levels of privacy and security. They start with the least secure info, and go from there.
Level 1
Cookies: Although cookies have a bad rap, they are extremely useful and most users would be quite unhappy if they went away. Use cookies to direct users to their preferred content, e.g. small businesses are shown the Small Biz page first.
Level 2
Social login: You want to know who’s visiting your site so you can cross-sell, and consumers benefit from identifying themselves so they get more personalized info. Banks can utilize social login (Facebook, Google, Twitter, LinkedIn) to make the initial login process even quicker. Use social login to provide more personalization, friends lists, like buttons and so on.
Level 3
Automatic login to very basic info (read only): Many users would prefer ultra-quick access to their basic banking info such as account balance and recent transactions. Allow users to keep their session open for days or weeks at a time, but only show basic info that would be unlikely to lead to any fraud problems if accessed by unauthorized parties.
Level 4
Simple login to basic info (read only): Perhaps you don’t want to keep users logged in for long periods. Instead, make it super simple to get read-only access by using a 4-digit PIN and/or eventually some simple biometric indicator (typing, voice, facial recognition, etc.).
Level 5
Full access (read only): In levels 3 and 4, users could log in to basic info only (e.g. balance and last 5 transactions). Level 5 graduates to full access to all accounts, including funds transfers within those accounts. Users would be required to submit full username/password to gain admittance.
Level 6
Transactional authority up to ATM limits: Here users can move money outside of the bank up to the limits they and/or the bank established previously, e.g. $300 per day, no more than $2,500 in 30 days and so on. Users would have to pass “device fingerprint” and/or geo-location checks (e.g., use a pre-existing PC or phone) in order to move money out.
Level 7
Transactional authority up to higher limit: The bank and/or users would establish an intermediate dollar threshold (e.g. $2,000/day, $15,000 in 30 days) that required an additional password/PIN to authorize.
Level 8
Account changes (e.g. password, address, beneficiary, etc.) would require out-of-band authentication, typically to a pre-existing mobile phone number.
Level 9
Transactional requests above highest threshold: Anything above the higher thresholds in Level 7 would require the same out-of-band authorization, but would also require a hold period of at least 24 hours (set by the bank) so the bank could follow up with users through separate channels to confirm.
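To make the nine levels concrete as a step-up authorization policy, here is an added example (my own illustration, not code from Backbase or from the post) that maps the factors a session has presented to the highest circle it has reached, works out which circle a requested action needs using the sample limits quoted above ($300/day and $2,500 per 30 days for ATM-level transfers, $2,000/day and $15,000 per 30 days for the intermediate tier, a 24-hour hold above that), and returns an allow/deny decision with the hold that applies. It assumes factors are cumulative (each circle requires every factor of the circles below it) and that the action names, the `Session` fields and the dollar amounts are constructed for the example; a real deployment would load per-customer limits and the running totals from the bank's own systems.

```python
"""Step-up authorization modelled on the nine circles (added example, not the post's code)."""
from dataclasses import dataclass
from enum import IntEnum


class Circle(IntEnum):
    NONE = 0
    COOKIE = 1       # preference cookie only
    SOCIAL = 2       # social login
    REMEMBERED = 3   # long-lived session: basic read-only info
    PIN = 4          # 4-digit PIN / simple biometric: basic read-only info
    PASSWORD = 5     # full username/password: all accounts, internal transfers
    DEVICE = 6       # + known device / geo check: external transfers up to ATM limits
    SECOND_PIN = 7   # + extra password/PIN: external transfers up to intermediate limits
    OOB = 8          # + out-of-band code to registered phone: account changes
    HOLD = 9         # OOB plus a mandatory hold: transfers above intermediate limits


@dataclass(frozen=True)
class Limits:
    """Sample thresholds from the post; real values are set per bank/customer."""
    atm_day: int = 300
    atm_30d: int = 2_500
    mid_day: int = 2_000
    mid_30d: int = 15_000
    hold_hours: int = 24


@dataclass
class Session:
    """Factors the current session has presented (constructed input)."""
    cookie: bool = False
    social: bool = False
    remembered: bool = False
    pin: bool = False
    password: bool = False
    known_device: bool = False
    second_pin: bool = False
    oob: bool = False

    def circle(self) -> Circle:
        """Highest circle reached. Assumption: factors stack, so circle N needs
        every factor of circles 5..N; circles 1-4 are the weaker alternatives."""
        if self.password:
            reached = Circle.PASSWORD
            if self.known_device:
                reached = Circle.DEVICE
                if self.second_pin:
                    reached = Circle.SECOND_PIN
                    if self.oob:
                        reached = Circle.OOB
            return reached
        for flag, circle in ((self.pin, Circle.PIN), (self.remembered, Circle.REMEMBERED),
                             (self.social, Circle.SOCIAL), (self.cookie, Circle.COOKIE)):
            if flag:
                return circle
        return Circle.NONE


@dataclass(frozen=True)
class Action:
    kind: str        # read_basic | read_full | internal_transfer | external_transfer | account_change
    amount: int = 0  # whole dollars, only meaningful for transfers


@dataclass(frozen=True)
class Totals:
    """Money already moved out of the bank today and in the last 30 days (constructed)."""
    day: int = 0
    last_30d: int = 0


def required_circle(action: Action, totals: Totals, limits: Limits = Limits()) -> Circle:
    """Circle an action needs; external transfers are tiered on cumulative amounts."""
    if action.kind == "read_basic":
        return Circle.REMEMBERED
    if action.kind in ("read_full", "internal_transfer"):
        return Circle.PASSWORD
    if action.kind == "account_change":
        return Circle.OOB
    if action.kind == "external_transfer":
        day_total = totals.day + action.amount
        month_total = totals.last_30d + action.amount
        if day_total <= limits.atm_day and month_total <= limits.atm_30d:
            return Circle.DEVICE
        if day_total <= limits.mid_day and month_total <= limits.mid_30d:
            return Circle.SECOND_PIN
        return Circle.HOLD
    raise ValueError(f"unknown action kind: {action.kind}")


@dataclass(frozen=True)
class Decision:
    allowed: bool
    required: Circle
    reached: Circle
    hold_hours: int = 0  # >0 means: accept the request but execute only after the hold


def authorize(session: Session, action: Action, totals: Totals = Totals(),
              limits: Limits = Limits()) -> Decision:
    """Deny when the session's circle is below the action's; circle 9 is circle 8's
    factors plus a hold, so the caller must queue rather than execute immediately."""
    required = required_circle(action, totals, limits)
    reached = session.circle()
    if required == Circle.HOLD:
        ok = reached >= Circle.OOB
        return Decision(ok, required, reached, limits.hold_hours if ok else 0)
    return Decision(reached >= required, required, reached)


if __name__ == "__main__":
    full = Session(password=True, known_device=True, second_pin=True, oob=True)
    print(authorize(Session(remembered=True), Action("read_basic")))
    print(authorize(Session(password=True, known_device=True), Action("external_transfer", 250)))
    print(authorize(full, Action("external_transfer", 5_000)))
```

The useful property for a reviewer is that `required_circle` is decided from the cumulative totals, not from the single request: a $250 transfer that would be an ATM-limit action on a fresh day becomes an intermediate-tier action once $100 has already gone out, and a session that has not presented the extra PIN is denied rather than silently downgraded.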
Summary: If this sounds insanely complicated, it is on the face of it. But for most logins, this scheme would make it EASIER to access account data. Only the riskier maneuvers are guarded with additional security. And most levels of security hell would be transparent to the end user. They would simply need to remember a username/password, a 4-digit PIN, and have a smartphone. You would instruct them about when the various methods were needed.
———————
Notes:
1. For more on its vision, see Backbase’s FinovateFall 2012 demo.
2. Also, see how Backbase puts its famous UI to work for commercial banking at the upcoming FinovateFall.com Sep 10-11 in NYC.
3. Image credits: upper right, lower right
4. For more on security, see our Aug 2012 Online Banking Report, Delivering that Secure Feeling.