Snippet: The increasingly global nature of business means many of us work differently now. Corporate treasurers are no exception. They’re more mobile than ever before and, having taken on a more strategic function within organizations, they face pressure to make informed decisions and act on them fast, wherever they happen to be.

The race is on

The increasingly global nature of business means many of us work differently now. Corporate treasurers are no exception. They’re more mobile than ever before and, having taken on a more strategic function within organizations, they face pressure to make informed decisions and act on them fast, wherever they happen to be. They want technology to help improve their productivity and facilitate real-time information sharing on the go, and they expect their banks to deliver the tools to do just that. 

The good news for all those jetlagged CFOs out there is that banks are listening. Over and above improvements to corporate banking portals, banks are working hard to roll out and expand mobile banking capabilities. Midway through 2013, Aite Group found that just under one third of the top 50 U.S. banks were offering corporate mobile banking. Amazingly, a further 64 percent expected to launch corporate mobile banking before the end of 2014. The primary catalyst in this race, Aite Group found, is customer retention. 

Rather than having to settle for a warmed-over retail banking product, corporate finance executives can now benefit from mobile functionality directly related to the work they do: easy access to balance statements, real-time reports on their global cash position, the ability to initiate and approve payments and allocate new payment authorities remotely. 

It’s what they want, so why have so few signed on?

Meeting security concerns is vital

Functionality is important, but so too is providing robust security, especially with the high transaction values involved and the special regulatory requirements to which international financial institutions and multinationals are subject. In the August 2013 study I mentioned above, Aite Group estimated that 35 percent of corporate treasurers are “very concerned” about mobile security and are therefore unwilling to use mobile banking services (a relatively small improvement on the 43 percent Aite Group reported having the same concerns three years earlier). The larger the corporation, the greater the concern over mobile security, Aite Group found.

It’s cold comfort to companies that their banking partners increasingly share the financial, if not reputational, risk. Courts in the U.S. are holding financial institutions liable for losses incurred as a result of fraudulent attacks on their customers’ accounts. Take for instance the ruling, in July 2012, by the First Circuit Court of Appeals in Boston in favor of PATCO Construction Inc. in its battle against People’s United, over a $500,000 account takeover incident in 2009. The appellate court described the bank's security procedures as “commercially unreasonable” and suggested an out of court settlement. Similar cases involving Professional Business Bank, PlainsCapital Bank and Comerica Bank have seen courts side with the plaintiffs.

In October 2011, the U.S. Securities and Exchange Commission issued cyber security guidelines and disclosure requirements for listed companies, likely foreshadowing federal legislation or regulation requiring companies to disclose data breaches and emerging security risks. Disclosures such as these will significantly increase the threat of litigation in the future, especially with the increasing prevalence of mobile-enabled transacting and the fact that losses incurred by businesses are not insured by the governments (or the FDIC in the U.S.). 

With mobile malware on the rise, rethinking approaches to user and transaction authentication is crucial if banks want to protect themselves and also drive adoption. Current industry solutions to digital fraud have not adequately addressed users’ concerns over the safety of the mobile channel, certainly not without impacting negatively on the user experience.

Convenience need not be sacrificed

By erring on the safe side, banks have very often compromised on delivering a satisfying customer experience. There is absolutely no reason to do so, as many banks are learning. In this regard, I liked what Christine Barry, Aite Group’s research director in wholesale banking, was recently quoted as saying: “Although building the case to move forward with a corporate mobile offering has been challenging for many institutions, lessons learned by early mover banks are now helping others enhance their mobile service to corporate banking clients.”

Standard approaches to two-factor authentication in online and mobile corporate banking have mostly centered on the one-time password (OTP). But users find having to carry OTP generator hardware a hassle, and reentering these strings of digits for login and every subsequent transaction an error-prone waste of time. Worse still, OTPs do not guarantee protection from phishing attacks and malware-enabled account takeover fraud.

Take the lead!

Entersekt helps financial institutions fight cybercrime by dispensing with outdated approaches to user authentication, such as OTPs. Our online and mobile banking system harnesses the power of public key infrastructure and deploys it to the mobile phone or tablet in a seamless and transparent manner. Industry-standard digital certificates authenticate the device, digitally sign transaction verification requests, and encrypt communications to and from the financial institution.

Armed with Entersekt’s Transakt product, corporate finance officers enjoy complete peace of mind when logging on, accessing data and transacting with their mobile phones. They also benefit from advanced functionality that avoids having to generate and enter signing codes to approve batched transactions, a frustrating chore when performed on the mobile device, and a truly Herculean task in territories such as Singapore that have mandated that each transaction in a batch be individually approved and digitally signed. 

Transakt provides an uncluttered, intuitive interface for viewing all transactions in a batch and approving them individually with a single touch. Where multiple approvers are required – whether by a quorum or in a defined escalation – transaction authentication messages are sent to all the parties, and the transaction is approved only when the required number has responded.

Combined with Transakt’s support for multiple certificate authorities and compatibility with all mobile platforms, this enables anywhere, anytime corporate banking that holds gold-standard levels of security in perfect balance with ease of use. For more information on a winning business mobile banking offering, download Entersekt’s new white paper, The Importance of Transaction Signing to Banks.

Subscribe to our blog.

Entersekt editor

Entersekt editor

An avid scowler and violent sharpener of pencils, Editor’s bark is worse than her bite. Every scrap of writing that crosses her desk she treats with the same care she would her own privately published comic verse. Any orphans and misfits, she takes under her wing. After hours, she practices amateur type design and represents her local library in extreme kerning competitions.

Entersekt Logo

Entersekt is an innovator of customer-centric fintech solutions. Financial services providers and other enterprises rely on our patented mobile identity system to provide both security and the best in convenient new digital experiences to their customers, irrespective of the service channel. With us, they can concentrate on their innovation roadmap, while delivering intuitive, low-friction digital experiences to their customers.