IdeaStorm

Dell has started making some good progress towards turning the company around and their new IdeaStorm site is awesome.

It just launched on Friday, February 16th, but the content of the site is already taking off. The basic idea behind the site is for current, or potential, Dell customers to submit their ideas on what they want Dell to change/add/remove from their products. All of the content is user generated and visitors to the site can “Promote” ideas and leave comments. This should be a great tool for Dell to use to keep their fingers on the pulse of their customers.

It seems to me that CU’s could make excellent use of technology like this to develop products, fix problems, build branches, etc. Let your members tell you what they want. We work in financial institutions, so our minds are already skewed. We’re not normal customers/members. Give the power over to your member and let them say what they want!

Vendor Mergers

Most of you reading my blog probably already know that CheckFree announced that it will acquire Corillian, a major player in online banking. Just a few months back, Intuit acquired Digital Insight, another large online banking provider. Read the CheckFree & Corillian news here and the Intuit & DI news here.

I can see two potentially diverging online banking strategies here.

  1. CheckFree = Bill Pay. The merger of CheckFree and Corillian will enable, or should enable, some very interesting new developments in how we pay our bills online. Bill presentment is already here, but it isn’t mainstream yet. I haven’t seen any P2P bill pay system embedded into an online banking platform yet. This merger has the chance to completely change how we pay our bills online.
  2. Intuit = Design. Intuit does an incredible job of delivering very user friendly products to its end user base and has an excellent reputation for listening to customers’ feedback. This merger should finally bring intelligent design features to online banking. Think about having Quicken and Online Banking in one platform. Imagine automatically importing other FI’s info into the online Quicken application and you’ve pretty much created account aggregation.

I’ll be paying very close attention this coming year to these two mergers. We should begin seeing some dramatic changes in the online banking landscape. Now you just need to get your credit union to adopt those wonderful, new changes!

Study Finds Bank of America SiteKey Flawed

Site-authentication images are a simple anti-phishing concept for online banking. Each customer has a secret image (like a dog or wooden chair), which assures them that the web site they are logging on to is their legitimate online banking site. Since phishing sites generally consist of a fake login page used to steal customers’ login information, and wouldn’t be able to show them their secret image, it sounds like a perfect solution.

In fact, Bank of America, ING Direct, and Vanguard already use something like this, but a recent study found…

Even though the bank repeatedly instructed customers not to login if their site-authentication images are absent, the vast majority of participants using their own bank accounts did not comply—23 of 25 (92%) entered their own account passwords even though their site-authentication images were absent.

You’re probably wondering why a phishing site couldn’t take your login information and pass it to the real online banking site to grab your site authentication image. It turns out that this valid concern:

site-authentication images have been shown to be vulnerable to man-in-the-middle attacks that capture and display the user’s site-authentication image

This makes question me whether site-authentication images were a good idea in the first place. As we complicate our online banking systems with this and other multifactor authentication schemes I wonder if any make a significant difference.

For the time being, it looks like the best option is still just to educate your members. Teach them to look at their address bar and make sure they are logging into the right address.

You can see the original article here: http://www.usablesecurity.org/emperor/emperor.pdf

What? Free WiFi?

You heard me. Free WiFi.

But how?

Whisher is how. Whisher is a software technology that people install at home that enables secure sharing of their WiFi. Anyone in the Whisher community can travel about, find other Whisher members and use their WiFi for free. The software does lock down the connection with WEP or WPA and only Whisher member have access to your network.

I mentioned a while back in my post about CU’s and WiFi that credit unions might have an opportunity to blanket their branches or a brave CUSO might try a whole city! Whisher takes some of the basic credit union philosophies and applies them to sharing WiFi! You can even setup small groups who share their WiFi connections. (I’m thinking we’ll give you a 1% discount on your next loan if you share your WiFi with the ABC Credit Union group. Then CU’s can blanket cities with WiFi for free!)

I love the idea and I can’t wait to use it personally and see how the free service does.