WASHINGTON–A panel on the topic “Who Has My SSN?” was pretty unanimous that the answer is “just about everybody.” The bigger question explored by the panelists as what can be done about it in an era of rampant fraud and when open banking is becoming a reality.
Addressing those issues during Mitchell Stankovic’s Underground meeting here were:
- Shazia Manus, chief data and analytics officer with TruStage (moderator)
- George Estrada, principal strategic advisor with AWS
- Lisa Arthur, U.S. managing director and global CMO with Sensedia
- Anshul Verma, head of partnerships North America with Mambu
- Rahul Kumar, VP and GM of financial services and insurance with Talkdesk
Here’s a look at some of what was discussed:
Kumar: We are in the contact center business and we see our customers are getting attacked every single day. There’s inbound fraud and outbound fraud and it’s not the fact that your data was compromised in a data breach. We all know are the smartest guys in the room are creating and working every single day to break down your processes, your data and your members’ data.
I think you need to think about three things: your data, your processes and the technology that you have access. A combination of all of these three things can help you.
When I talk about processes I have conversations with credit union leaders and to this day when I ask them how are you identifying your members, how are you authenticating them, they say, ‘We use the Social Security numbers or we use the member ID in combination with the date of birth or the last four of the account number. Is that safe?
Creating a Process
When you think about your processes you need to start thinking about how do we create a process where we can continue to bring in more and more steps into the member journey that minimize the risk to our members and our customers.
For example, if somebody’s asking for a balance, yes, you can probably use their voice as an authentication mechanism and give them their balance. But if they need to transfer money, if they need to initiate a wire, maybe you need to think about something else.
The Data Story
I think the data always tells the story. There is enough data and technology out there that help you identify patterns. One of our customers in the prepaid world…leveraged some of the technology…and have now been able to identify typical patterns. They do it not as a one-time exercise; they do it every day. They have a dedicated team that is looking at the data. They’re identifying patterns and with AI now they are able to generate real-time sensors that notify that workforce around some of these patterns…They’ve bene able to save over $2 million.
The final thing I would say is don’t stick to the status quo. What has worked for you all for all of these years is not going to work in the future. Continue to challenge yourselves, continue to work with your technology providers because technology is there but it’s also your willingness to be change drivers and a willingness to embrace technology that can help you and guide you.
‘Risky Situation’
Arthur: When we think about who’s got your information when you’re giving vital credentials to establish a relationship with your credit union through a third party, that is risky. We can’t really answer who has our Social Security number.
Let’s talk about security. The whole open banking concept has been a cuss word for credit union executives. I’ve interviewed many CEOs from the biggest to the smallest and all I hear is ‘Open banking is increasing our risk, increasing the privacy concerns, and by the way, it’s going to cost us money.’ I want to challenge you to flip that and think about how open banking is really about creating member empowerment and a relationship based on that data securely with the financial, with your credit union.
This is about member empowerment and control and owning your own data. Don’t let the data aggregators do this. Let’s work together in this credit union space to protect our members.
Lastly, it’s not just technology for technology’s sake. The alternative to screen scraping through open banking is about standardized APIs, standardized consent and authorization management. It is something we can work on together.
Making a Pivot
Estrada: I’m very humbled being here on how we’re talking about this and how we’re thinking about it. With technology, we love and the media loves talking about a revolution. AI is a revolution. Security is a revolution. Open banking is a revolution. I’m going to propose that everybody start thinking about these things as an evolution.
The reason is that revolutions are very messy, there’s a lot of destruction and sometimes they’re not positive. But evolution is trial and error. Most importantly it’s also about different environments.
One of the key factors for credit unions is how diverse and different they are Their communities are different. We’ve been talking about this over and over again and why is it important. It’s important because when it comes to (data security) you hear people say ‘My stuff is already out there.’ Most Americans really don’t care anymore who has their Social Security number, because they’ve been desensitized.
A Lesson From the TSA
What we need to think about is how do we evolve and continue to reinforce and make these systems. TSA doesn’t even look at your boarding pass anymore. You have you look at a camera; they’re doing biometrics. What does that tell me? That tells me that that’s something we’re going to have to incorporate at some point down the line, whether it’s with our phones or on the computer.
People expect that. If we reframe the way we think about this, and this is an evolutionary process, we could adapt to our audience, to our members, to our vendors, to our partners as needed as we go along.
There an Italian saying I’ve loved for a long time, Sbrigati lentamente, which means, ‘hurry slowly.’ At AWS we want to help you move as fast as you can tolerate, but at the same time we’re going to make sure that you’re making the right fast moves.”
The Positives Around Open Banking
Verma: Open banking of course is something that causes anxiety, but I would like position this in a much positive way.
At the crux of it it’s about sharing the members financial data. How this works is that the credit union, with the consent of the member, shares in a very secure (way) the data with a third party. which is fintech that is bringing in a unique proposition for the member. If there is an aggregator proposition, where you have 12 accounts across different banks and credit unions coming all together, it gives you a 360 view of your finances. It can help you decide where to invest. It can give you a savings strategy. It can help you budget.
So, those are some of the benefits that the end-member can experience through open banking.
The bottom line is that of course data is being shared and with technology evolving there…are more cyber security risks. But I think what technology is also providing is answers to how you can at every checkpoint understand where the data is going.
Being ‘Bombarded’
We should also be aware of this not just from a financial data perspective but also there’s so much social data, like Instagram and Facebook, and we’re being constantly bombarded by recommendations.
I think it’s also an opportunity for credit unions to educate their members not just around financial data and social data, but how this data is shared and what are the controls that are put in place. The consumer has the right to having the appropriate control.
I think the skepticism around open data can be looked at in another way when we think about a partnership instead of something that’s a competitive threat to credit unions. I think it’s a partnership and an opportunity to explore new revenue streams by working together.