Yesterday it seems Barclays suffered a serious technical problem resulting in the loss of several critical services inluding ATM’s and Online Banking. What caught my eye about this was that well known Money Saving Expert Martin Lewis tweeted about the outage and used a specific hashtag, #BarclaysGlitch.
I'm hearing people struggling to get access to Barclays. Please share how it's going to #barclaysglitch
Martin has a healthy following of around 260 thousand followers and is very influential in the financial services world in the UK. A lot of people started to use the hashtag to talk about the outage. Barclays themselves then also used the hashtag which is what was really interesting (for me anyway).
We are aware of a technical issue, and we are working hard to put things right as soon as possible. #barclaysglitch
I think this was smart work by Barclays. I wonder if we will see journalists/influencers (ugh) looking to brand bank outages in the future? A race to have the hashtag most used in an outage? Will banks themselves try and add unique hashtags to outages? Does anyone normal use the word outage?
I wonder what would happen if every financial service organisation in the world was required to make just six little fields of data available to customers in an automated and open standard automated feed that they could use how and where they see fit. The Six Little Fields, The key day to day transactional data of all the products mentioned above and so many more, are;
Transaction Type (Visa, ATM withdrawal, Direct Debit etc)
Balance of the account
There are many more fields underlying this data but these are the key display fields. To allow banking to become a greater part of the web and for this data to become the basis of a thriving ecosystem we need solutions to the following three (at least) problems;
An open standard format for transaction data
A method of securely linking other financial institutions or 3rd party services to financial institutions so data can be transferred between them automatically
A subscribe model for the data that allows new items to be pushed out. Similar to RSS.
I have a handful of ideas and theories on why and how to make this happen and I wanted to share my thinking in the hope that someone out there will agree and have some better ideas along with the will to try to make it happen.
Why do I believe the six little fields are so important?
I assume that most people who own financial services products, be they current accounts, credit cards, loans, savings, insurance etc. do not have them all from the same organisation. Even though I work for a bank, and I should probably whisper this, I do not have all my products with that organisation. This is of course the benefit of a free market, competition and choice, which is a fantastic thing. The big issue from my point of view is what is known in the banking industry as single customer view i.e. the ability to see your full financial picture in one nice shiny interface. This is not a new problem in the industry it is also something I have written about before, but it is one that seems far from being solved or even on any of the banks to do list.
“Payment networks should have a memory. You absolutely should be able to login to Visa.com and see every transaction you have ever engaged in with a Visa card. The fact that you can’t do this is ridiculous.”
I love this quote. Those with knowledge of banking will scoff and say this is ridiculous as Visa cards are issued by a multitude of organisations and the identity of the user is not tied back. Fine, but what if…
Not only should you be able to go to financial institutions you have history with but you should also be able to build your own data stores. These six little fields would be the basis of an entire ecosystem featuring so many things that the banks would never build. This tweet from Dave Birch is a great example of those sort of things but if Dave had a feed of his six little fields he could build it himself, solving his own issue, meeting his own need.
This data and mechanisms for access could be used just as much, if not more, by the banks themselves. Today most banks have struggled with building on top of or integrating with the digital banking fortresses they have built. It is why the first generation of mobile banking apps plugged into the ATM network rather than Internet Banking because the routes for data out were easier to implement.
How do you get data out of banks today?
The six little fields listed above are the ones shown in your Internet banking interfaces. Underlying those fields there will of course be extra data required such as currency, where money transferred in came from maybe even some location data of an ATM but from a customer’s point of view the six listed above are the ones they most need to see.
Today there are 3 main ways of getting data out of banks.
Manual download of data. This seems to be the prevalent method of getting data out of the banks, certainly in the UK. Download a CSV/OFX/QIF formatted file.
Bespoke feeds. In the US there seems to be a high number of XML feeds in existence to get data out from banks, but they are usually bespoke formats and as such need bespoke decoding. This situation has given rise to 3rd party players such as Yodlee who have put in the hard work to decode all these formats and feeds and then provide a platform to pull them all into. This is laudable but effectively places a commercial company in a very powerful position with regards to data feeds that should be free. Barclays have an automated feed available to their commercial customers in the UK to use with online accountancy service Freeagent.
Scraping the data i.e. giving over your username and password to a 3rd party service and letting their system logon for you and pull the data. Probably against your banks T&Cs and akin to giving your postman your house keys so he can deliver a parcel. Madness. This is known as the password anti-pattern.
The above situation is so fragmented and detrimental to the development of innovative financial services and cannot continue if banking is ever going to get closer to or truly become part of the web.
1. Open Standards are required
The six little fields must be available in an open standard machine readable format, a format that every financial services organisation, and other interested consumers, could implement.
Open standards would challenge the virtual monopoly Yodlee hold and in my opinion would be better for all. Imagine if shipping containers could only fit onto one organisations fleet of ships, that is effectively the situation we are faced with today.
From an open standard point of view there is actually one in existence today. OFX, Open Financial eXchange. It is a golden oldie, first defined way back in the 90s and was primarily designed for the use of desktop money management packages such as Microsoft Money and Intuit’s Quicken. The standard seems to have gotten a bit stale, I know you should not judge a book by its cover but the OFX website is from a long gone era of web design (and they have not updated their copyright statement since 2007). I emailed the OFX group to see if they were actually still alive and it seems they are;
Yes, OFX is still very much alive. It dominates the U.S. market; over 5,000 financial institutions in the U.S. use OFX. The last specification was in 2006. There has not been a need for further revisions although there will probably be revision activity in the future as the need arises.
The problem for me with OFX is that it feels like it is trying to be all things to all men (and women). The scope of the specification covers all manner of banking functions and services, including automated delivery of data but it uses old methods and seems heavily XML based. What I believe is needed is something far simpler and based on more modern data delivery formats and protocols such as OAuth and JSON.
2. A manual download option is no good
Forcing the user to manually download their data and then upload into another system is a dark ages solution to today’s realtime always on mobile obsessed world. What I would love to see in banking is the introduction of OAuth or one of its variants. This open protocol is designed to allow the sharing of data and identity between web based services. If you have ever connected a 3rd party application to Twitter or Facebook then you have used OAuth. It solves the password anti pattern described above and also removes the need to manually download data.
This is what connected apps look like on Twitter. Imagine if there was a list of banks here instead? Why can’t I connect my data in this exact same way? If I could then Dave Birch could follow his account on Twitter with a few clicks or taps.
3. Push updates out automatically
Once the connection problem is solved then whenever a new data item i.e. transaction appears that information can be pushed out to wherever the customer has it connected. They are seeing near realtime data in the interfaces of their choosing (obviously how and when the bank posts the transaction data dictates how realtime it is, we know banks love a bit of overnight batch processing).
This source of data becomes a fantastic ingredient for building new things, these events i.e. new transactions, can then have all manner of rules applied to them. It could power IFTTT for banks. Imagine being able to set off other processes automatically as soon as key payments arrive in your account?
If the banking network is truly to become part of the web then the data needs to flow between them as easily and safely as possible. Today that is not really the case in most countries. The digital fortresses banks have built to keep the baddies out are now also keeping their own developers out and are hampering their efforts to build for the brave new digital world. It is in the banks interest to set this data free rather than hoard it for themselves because one day they might understand Big Data. Grasp Open Data first and learn from what people build with that data. I believe Six Little Fields can change the financial services market and how it interacts with and is perceived by the web.
This is part one of my thoughts around six little fields. In the second part I will look at the security concerns of both banks and users, how this might become a reality and whether or not the Germans have actually figured this out already. If you have any questions or comments please do leave them below or pester me on Twitter. I just want to get a conversation started around this topic really, is it a completely ridiculous idea or does it have legs?
Talking of cool Fintech startps, Standard Treasury sounds like a dull US bank but it is actually an interesting startup, backed by the YCombinator folk. It is effectively an API layer for commercial banks. The founder had this to say;
“The existing model for bank-enterprise relationships hasn’t changed since the 1970s,” Kimerling said. “Banking is really painful. We have customers that ask — why can’t banking be like Stripe or Braintree?”
Countries and continents without traditional banking infrastructure continue to be fascinating areas of growth for new forms of ‘banking’. The telcos know this is a great opportunity for them. Orange have announced a new mobile money transfer service aimed at cross border transfers between Mali, Senegal and Cote d’Ivoire.
The front cover of last weeks Bloomberg Business Week is a stonker…
Another great behind the scenes of banking tech, this time in the form of an interview with Greg Brockman from Stripe. He gives an insight into how they build and how they have struggled with scaling up to 40 staff…most banks have that many developers building banner adverts
Irrespective of how much I whine about banking events I do enjoy them really. I am certainly intrigued by the fact that Commonwealth Bank in Australia are running on at the end of the month called Wired For Wonder. It features some big names of tech, Jaron Lanier, Aleks Krotoski and Kevin Kelley to name a few. If anyone wants to fly me over to attend I am more than happy to make that effort.
Crap Infographic of the week. This visual turd floated across my tweetstream last week in the form of a promoted tweet by KPMG. Look at it in wonder and try and derive any meaning other than KPMG have much more money than taste.
I only have a mild interest in the future branch type stuff but some sort of tipping point was reached and I felt I had to write about it like a grumpy sod. From my point of view it seems the prototype future branches fall into two basic categories. The shiny ultra sleek technology stuffed, self-service focused branch and the ‘come in relax, we have free wi-fi, would you like a skinny mocha latte with that financial review’ faux coffee shop full of lovely people not really selling you stuff, honest. There is also actually a third one and that is closing them but that is a whole other thing.
The first type is an obvious example of using technology to streamline processes and make the brand seem shiny and innovative. Some of the technologies are undoubtedly very clever and powerful but they are also a bit soulless and they are seemingly still incapable of escaping paper. This example from Audi Bank just screams don’t touch anything. So clean, so unwelcoming yet they expect people to stand there and browse dream cars such as a Kia. There are many more videos like this I just picked on this one as I saw it recently. Maybe it is future concept videos that actually annoy me.
The roped off branch, making customers feel welcome since 2012
Self service based branches are inevitable but they should cater for those functions that they excel at. Basic transactional banking. Pay in and take out of money, process the antique paper still associated so heavily with banking. If you can make them more developed sales areas with things such as video calling and interactive signatures then go for it…but surely in most places those can also be offered to people at home today? All these advances in technology are needed and the slick future branch does show them off well. The cost of branch banking is getting harder to justify and technology solutions must be investigated but don’t confuse techno utopia with customer happiness.
The second kind, the chillax coffee shop, is the one that irks most. The reason being that it is an admission that banking has gone too far down the self-service, automated robot route and now banks are confused why no one comes to talk to them anymore? Don’t they love us? Just because we built all these automated straight through processing systems that does not mean we don’t want to hear people’s hopes, dreams and desires. The realisation has set in that customers know banks don’t want to talk to them unless they want to sell them something. Banks have gone out of their way to make them less human and accessible by process shaving and penny-pinching. You can’t phone your branch, try booking or amending an appointment online, they are almost off the grid spaces until you walk through the door. Like a much less exciting version of platform 9 3/4 at Kings Cross.
Why madam don’t you look fantastically relaxed and not at all awkwardly staged.
But the main reason for my annoyance is the fact that there is a lot of effort and cash put into these jovial chat shops in the real world yet banks digital platforms remain as conversation free as a library in a monastery. The ability to converse in the scary “new” world of the information superhighway seems lost on most financial organisations. Regulations and rules will be blamed but the reality is banks are not the worlds greatest conversationalists. The unkempt wilds of the web and its 2.0 consumer obsessed walled gardens of inanity represent some sort of alien landscape that a process obsessed industry just can’t codify or fill with cheap coffee and comfy seats.
The solution seems obvious to me. Hire or train capable people who can converse in these new places in the strange tongue they have adopted and make your organisation seem infinitesimally human. Think how you could add nice conversation capabilities to your cold hard Internet banking portals or maybe make it possible to actually reply to those marketing emails you are so fond of. The telephone, and video chatbooths in branch cannot be the only place you can talk with your customers. Of course you may not be able to directly sell loads of products in those digital spaces but there is a lot of mileage in at least making them conversant. Asymmetric digital conversations can be much more flexible and achieved in half the time than waiting on the phone or schlepping to a branch. It is of course important to be innovative in branches and try new things, they are still very important pieces of banking infrastructure and I do not wish to see them closed. For me it is about making it as easy as possible for your customers to talk to you when and where they want irrespective of the medium.
A few weeks back a new service started on twitter. @NeedADebitCard collated all the finest photos from the Internet taken by people keen to share their debit/credit card details and design with the world. The instant reaction to this by most sane individuals is ‘what are you doing you idiots?!’ Banking fraud departments across the globe probably tutted and cursed and then smiled as people proved what they already assume every day, the weakest link in online security is the one between the chair and the screen. Online commentators had a field day spouting off about the obvious dangers of this. My initial reaction was the same for about 5 minutes then I realised that these people are just using social media for its greatest use case, sharing everything. They might not be your most stupid customers but your most loyal, your most proud and in these current times banks need all the fans they can get.
The problems associated with sharing photos of your plastic payment device are actually the making of the financial institutions themselves. The Internet has been with us for 20 years. Social media in its current very easy to use incarnation probably 5-7 years old. Payment cards have been with us since the 60s and in that time they have not really changed a great deal. The bottom line is that they are not really fit for use on the Internet.
Outdated payment methods
These physical tokens of my relationship with a bank contain almost every bit of information a person needs to make card holder not present purchase from the web or via the telephone. The industry has tried to bolt on solutions to alleviate this problem e.g. the 3 digit security number on the signature strip (No one is idiotic enough to take a photo of the front and back of their card are they?) but you enter these details into a site every time you need to pay, effectively giving away the keys to your house every time you buy something via remote channels. Should the sites we buy from do more? Do ecommerce sites have PCI DSScompliance badges that they share with pride? ‘We keep your data safe’. Maybe the site owners should take a smiling photo of themselves holding their PCI DSS compliance certificate and put it on Instagram. Of course there are numerous protection standards in place around ecommerce sites I am being a tad facetious to make a point.
What of other solutions such as the universally loved 3D secure methods like Verified by Visa and Mastercard Secure. Yes they stop a certain kind of fraud but how many purchases are cancelled because of these things? How many swearwords are uttered when asked for an infrequently used password? What we need are payment methods designed for the web, designed to be used for one transaction or that just leave the merchant knowing who I pay via but not needing every single piece of detail to make further purchases.
I mean why do credit/debit cards need my full name printed on them? This is about digital identity and you would do well to watch Dave Birch’s recent talk on that subject. Dave is a man who signs his card transactions Carlos Tevez so he knows when people are trying to make fraudulent purchases.
Social objects of banking.
(Bank) simple have just started sending out invites to their long time registered straining at the leash future customers. The effort and design they have put into their card will mean you will be seeing a lot of photos of these cards over the coming months. They had the foresight to package the cards with a thick blue rubber band holding the card in place but also to obscure the card details making easy to photograph and share the fact they are now proud (bank) simple customers.
Simple realise that the card is an important social object of their customers relationship with them and they wanted to make sure as many of them as possible would share that fact. They also realize the risk and warn their customers accordingly (while still encouraging unboxing photos) Traditional banks would not want you sharing the fact you bank with them online for fear of things like spear phishing yet one of the most used metrics in bank satisfaction is ‘Would you recommend your bank to your friends?’.
I have written about the social objects of banking in the past and I think they are massively underused in an industry that makes talking about your banking relationship and money in general seem massively taboo. This really should not be the case.
So before you go jumping to conclusions about customers who post pictures of their cards on social networks, think long and hard about why they are doing this and why in 2012 the details needed to make a payment online are printed on a small piece of plastic that everyone can see. Who are the real idiots?