Zions Bank <zionsbank.com> is one of the early entrants in the parade of banks and credit unions rolling out multi-factor authentication this year. The Utah-based bank is using the PassMark/RSA <passmarksecurity.com> system pioneered by Bank of America last year (NB May 26, 2005).
Although there are compliance and security reasons enhancing security, the biggest benefit is marketing and PR. Just today, highly influential Wall Street Journal columnist Walt Mossberg urged readers to ignore financial institution emails saying, "…never, ever consider any email from a financial institution as legitimate." Ouch.
SecurEntry positioning
While we like the SecurEntry name, its page-dominating position on the Zions homepage (see above) is a bit over the top. Granted, they are in education mode as they race to enroll every customer within the next two months. But there's a reason why bank branches in high-crime areas use Plexiglas enclosures instead of steel bars; you don't want to make your customers afraid. The best security measures are subtle and discourage criminals without overly impacting the 99.9% of your customers who would never try to make off with the contents of the cash drawer.
It would work better to place the SecurEntry logo near the log-in area in the upper-right. That way, customers concerned about security could click-through to learn more, and customers that weren't already paranoid could go about their banking business without feeling new insecurities.
How it works
SecurEntry is a multi-factor authentication scheme identical to that used by 20 million customers of Bank of America, Stanford Credit Union, and others (see NB April 12). The new system, launched July 11, is optional for the first two months and becomes mandatory on Sept. 8. The bank estimates it will take five minutes to enable. Zions posted a Flash and HTML demo explaining the system, a one-page Quick Reference Guide (PDF), seven-page illustrated tutorial (PDF), and 11-question FAQ.
Off-topic: brief homepage critique
Zions' new homepage design is hard to judge. Taken individually, the modern graphics and succinct copy are excellent. However, the overall effect is way too busy, with too many elements screaming for the user's attention. The bank needs to better prioritize what they want to communicate on the homepage. The main points can be emphasized with strong graphical treatment while less-important areas are reachable through more subtle navigation, such as sub-menus.
—JB
To learn more about how to promote online security and peace of mind, check out Marketing Security: The sensitive issue of publicizing security and authorization enhancements from our sister publication, the Online Banking Report.