Welcome!

IoT User Interface Authors: Elizabeth White, Stefan Dietrich, Liz McMillan, AppDynamics Blog, Yakov Fain

Related Topics: Agile Computing, API Journal, IoT User Interface, Cloud Security

Agile Computing: Article

Retail Banks - Dinosaurs in an Online World

We have a recurring issue with our bank - they regularly flag transactions as fraudulent even though the transactions are fine

I had some interesting (sic) experiences with two separate banks with regards to two business accounts that we keep with each recently. The problem highlighted two issues that were both in some ways intertwined:

  1. False positive flagging of online transactions
  2. Identity Management between bank departments

First let me set the scenario. I am CEO of Storage Made Easy, a business that can be categorized (in bank speak) as an online internet business. We are a business that spends a fair amount on online advertising through various different channels and who also uses best of breed online services to make our life easier. Therefore we spend money with other online based internet companies including companies like Google, Amazon etc and we pay certain providers through merchant gateways such as Paypal. I suspect we are not that different to other similar companies in this regards.

We have  a recurring issue with our bank in which they regularly flag transactions as fraudulent even though the transactions are fine. These are what are referred to in the industry as 'false positives'. A false positive is a result that indicates a given condition has been fulfilled, in this case a transaction being flagged as fraudulent, when the condition was not or should have been fulfilled, and in this case the result is that the transaction should not have been flagged. The end result is that the credit card used to pay for such services is suspended until the end user (us) has negotiated with the fraud department of the bank to lift the ban and transactions that are flagged have to be re-submitted, a time consuming and costly process as it means all adverts stop running, payments are not made and someone within the business has to take time out of their day to sort the whole mess out.

You would think it would be fairly straightforward problem to fix. After all the transactions in question have a regular history of being paid each month, in most cases going back over 2 years. Unfortunately this is not the case, the bank merely says "our fraud detection system highlights these transactions as possibly being fraudulent and there is nothing that can be done". My ongoing question is why ? Why are you flagging transactions as being fraudulent that have a historic basis for payment in which the amount in most cases are identical to what was previously being paid over the past two years. This is largely a rhetorical question as no-one in the bank can answer it or even seems to care that it is a perfectly valid question that should be investigated.

The second issue involves getting in touch with the banks fraud department to arrange to have the block lifted. Normally when we speak with the bank we go through a telephone banking authentication process. The bank set this up with us and we have a pin and other personal and password details we have to give. The PIN relates to a challenge / response two factor authentication process. As a company we have a good knowledge of Identity Management, from Active Directory / SAML / Kerberos / LDAP through to OAuth OpenID etc and we also understand the challenges of integrating between the various identity management systems.

When we contact the fraud department they do not use our pre-defined identity management process at all. In fact they ask obscure questions about the account, such as "What was the debit amount for a transaction on 2nd January "etc. These are almost impossible to answer as a by-product of the fraud block is that online banking is also blocked and as we have paperless statements, there is no way to check or validate any of the questions being asked (which in any case are not in anyway related to the identity management process we have in place with the bank). When challenged as to why the fraud department is not using the existing identity management that we have in place the response is "We do not have access to that system". My guess is that as the fraud department seems to be outsourced to Mumbai, this is why, but this is not something we should care about or be impacted by.

My conclusion is that retail banking is akin to web 1.0 companies in a web 2.0 world. They have not changed their processes to work within the dynamics of the internet world, which is driven by online transactions, and their outsourcing exposes the lack of cohesion within their internal systems in which the customer suffers the consequences. There is also a certain type of arrogance within the culture of the bank that leaves me a little cold. There is a real "don't care' "can't do" type attitude.

It seems the option we have is to change banks but I really have little confidence this will solve the underlying issues as we already similar behaviour from the two banks we already use.

Banks now fail in the most fundamental thing you want them to be good at ie. lending money, storing your money and providing transparent secure access to it. They retain their position purely through lack of choice but it has often crossed my mind that a much better solution would be a consortium of similar minded tech companies who function as their own club that administer and provide their own financial services to each other.

More Stories By Jim Liddle

Jim is CEO of Storage Made Easy. Jim is a regular blogger at SYS-CON.com since 2004, covering mobile, Grid, and Cloud Computing Topics.

@CloudExpo Stories
Enterprise networks are complex. Moreover, they were designed and deployed to meet a specific set of business requirements at a specific point in time. But, the adoption of cloud services, new business applications and intensifying security policies, among other factors, require IT organizations to continuously deploy configuration changes. Therefore, enterprises are looking for better ways to automate the management of their networks while still leveraging existing capabilities, optimizing perf...
Join us at Cloud Expo | @ThingsExpo 2016 – June 7-9 at the Javits Center in New York City and November 1-3 at the Santa Clara Convention Center in Santa Clara, CA – and deliver your unique message in a way that is striking and unforgettable by taking advantage of SYS-CON's unmatched high-impact, result-driven event / media packages.
SYS-CON Events announced today that Super Micro Computer, Inc., a global leader in Embedded and IoT solutions, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Supermicro (NASDAQ: SMCI), the leading innovator in high-performance, high-efficiency server technology, is a premier provider of advanced server Building Block Solutions® for Data Center, Cloud Computing, Enterprise IT, Hadoop/Big Data, HPC and ...
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, will provide an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life ...
As cloud and storage projections continue to rise, the number of organizations moving to the cloud is escalating and it is clear cloud storage is here to stay. However, is it secure? Data is the lifeblood for government entities, countries, cloud service providers and enterprises alike and losing or exposing that data can have disastrous results. There are new concepts for data storage on the horizon that will deliver secure solutions for storing and moving sensitive data around the world. ...
The cloud market growth today is largely in public clouds. While there is a lot of spend in IT departments in virtualization, these aren’t yet translating into a true “cloud” experience within the enterprise. What is stopping the growth of the “private cloud” market? In his general session at 18th Cloud Expo, Nara Rajagopalan, CEO of Accelerite, will explore the challenges in deploying, managing, and getting adoption for a private cloud within an enterprise. What are the key differences betwee...
SYS-CON Events announced today that BMC Software has been named "Siver Sponsor" of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2015 at the Javits Center in New York, New York. BMC is a global leader in innovative software solutions that help businesses transform into digital enterprises for the ultimate competitive advantage. BMC Digital Enterprise Management is a set of innovative IT solutions designed to make digital business fast, seamless, and optimized from mainframe to mo...
SYS-CON Events announced today that MobiDev will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. MobiDev is a software company that develops and delivers turn-key mobile apps, websites, web services, and complex software systems for startups and enterprises. Since 2009 it has grown from a small group of passionate engineers and business managers to a full-scale mobile software company with over 200 develope...
Companies can harness IoT and predictive analytics to sustain business continuity; predict and manage site performance during emergencies; minimize expensive reactive maintenance; and forecast equipment and maintenance budgets and expenditures. Providing cost-effective, uninterrupted service is challenging, particularly for organizations with geographically dispersed operations.
SYS-CON Events announced today that MangoApps will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. MangoApps provides modern company intranets and team collaboration software, allowing workers to stay connected and productive from anywhere in the world and from any device. For more information, please visit https://www.mangoapps.com/.
SYS-CON Events announced today TechTarget has been named “Media Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY, and the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. TechTarget is the Web’s leading destination for serious technology buyers researching and making enterprise technology decisions. Its extensive global networ...
SYS-CON Events announced today that EastBanc Technologies will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. EastBanc Technologies has been working at the frontier of technology since 1999. Today, the firm provides full-lifecycle software development delivering flexible technology solutions that seamlessly integrate with existing systems – whether on premise or cloud. EastBanc Technologies partners with p...
SYS-CON Events announced today that Tintri Inc., a leading producer of VM-aware storage (VAS) for virtualization and cloud environments, will exhibit at the 18th International CloudExpo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, New York, and the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
SYS-CON Events announced today that Isomorphic Software will exhibit at SYS-CON's [email protected] at Cloud Expo New York, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Isomorphic Software provides the SmartClient HTML5/AJAX platform, the most advanced technology for building rich, high-productivity enterprise web applications for any device. SmartClient couples the industry’s broadest, deepest UI component set with a java server framework to deliver an end-...
A strange thing is happening along the way to the Internet of Things, namely far too many devices to work with and manage. It has become clear that we'll need much higher efficiency user experiences that can allow us to more easily and scalably work with the thousands of devices that will soon be in each of our lives. Enter the conversational interface revolution, combining bots we can literally talk with, gesture to, and even direct with our thoughts, with embedded artificial intelligence, wh...
SYS-CON Events announced today that Alert Logic, Inc., the leading provider of Security-as-a-Service solutions for the cloud, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Alert Logic, Inc., provides Security-as-a-Service for on-premises, cloud, and hybrid infrastructures, delivering deep security insight and continuous protection for customers at a lower cost than traditional security solutions. Ful...
The IoT is changing the way enterprises conduct business. In his session at @ThingsExpo, Eric Hoffman, Vice President at EastBanc Technologies, discuss how businesses can gain an edge over competitors by empowering consumers to take control through IoT. We'll cite examples such as a Washington, D.C.-based sports club that leveraged IoT and the cloud to develop a comprehensive booking system. He'll also highlight how IoT can revitalize and restore outdated business models, making them profitable...
The essence of data analysis involves setting up data pipelines that consist of several operations that are chained together – starting from data collection, data quality checks, data integration, data analysis and data visualization (including the setting up of interaction paths in that visualization). In our opinion, the challenges stem from the technology diversity at each stage of the data pipeline as well as the lack of process around the analysis.
Many banks and financial institutions are experimenting with containers in development environments, but when will they move into production? Containers are seen as the key to achieving the ultimate in information technology flexibility and agility. Containers work on both public and private clouds, and make it easy to build and deploy applications. The challenge for regulated industries is the cost and complexity of container security compliance. VM security compliance is already challenging, ...
Designing IoT applications is complex, but deploying them in a scalable fashion is even more complex. A scalable, API first IaaS cloud is a good start, but in order to understand the various components specific to deploying IoT applications, one needs to understand the architecture of these applications and figure out how to scale these components independently. In his session at @ThingsExpo, Nara Rajagopalan is CEO of Accelerite, will discuss the fundamental architecture of IoT applications, ...