Breach Clarity Wants to Rewrite How Organizations Talk about Their Breaches

By Robert McGarvey

Breach Clarity, a startup from onetime Javelin Strategy + Research co-founder Jim Van Dyke, is about to change how organizations talk about their data breaches – with a loud emphasis on increased transparency, reduced opacity.

Breaches are commonplace. There are four significant ones daily, says Van Dyke. But that does not mean the public knows much about them. Ask any cybersecurity journalist what they do not like about organizational breach press releases and the short answer is everything. That is because opacity – saying as little as possible and offering few details – is the operating philosophy. 

One fact: confused and frightened consumers want more facts about breaches and how they are impacted.

Scoring the Severity of a Breach

Enter Breach Clarity which aims to do three things that are game changing: it scores a breach on its severity, from 1 to 10; it tells an individual what he/she needs to do to protect himself if caught up in a specific breach; and it will soon offer a score of an individual’s risk of being a fraud victim with scores ranging from 1 to 100.

As for the action items Breach Clarity suggests, they will be specific to a particular breach and to an individual. Some breaches set up some individuals for IRS fraud, for instance. Others set up some individuals for new account fraud. Still others often will lead to attempts at account takeovers.  There is no cookie cutter advice. Customization and personalization are what Breach Clarity aims to deliver.

A fourth thing may be even more game changing: Van Dyke, whose Javelin claimed many mega banks as clients, is marketing Breach Clarity as a value add for credit unions to offer to their members.  He already claims one customer – BCU (formerly Baxter Credit Union), the nation’s 56th largest with around $4 billion in assets.  

According to Van Dyke, although BCU is offering Breach Clarity as a free tool to members, it nonetheless forecasts a 5X ROI.  How? Reduced fraud losses – financial institutions, says Van Dyke, absorb the bulk of the losses due to data breaches and the hope is that an informed membership will be better able to take steps early to minimize fraud.  

Van Dyke also says there will be a reduction in member calls for help to call centers – and financial institutions relate that after heavily reported breaches they are swamped with SOS calls.  Fewer calls mean lower costs.

Phase 2 of Breach Clarity’s marketing plan is to expand the focus to national and large regional banks.

Consumers Want This Help

Van Dyke also says that consumer research done by Breach Clarity found a surprisingly robust appetite for such tools among Gen Z and Millennials.  Interest is also high – and expected – among Baby Boomers.

Where does Breach Clarity get its breach data? Via the non profit Identity Theft Resource Center, says Van Dyke, who sits on the ITRC board.

Eva Velasquez, CEO of ITRC, said: “The ITRC is honored to partner with Breach Clarity and provide more meaningful information to consumers and data breach victims.  The biggest challenge breach victims face is understanding the risks associated with a particular breach, and what steps they should take next.  Breach Clarity, powered by the ITRC’s data breach data, addresses this challenge by providing an intuitive risk score accompanied by essential action steps.  We are proud to be a part of a no-cost solution that brings much needed clarity to the victims of data breaches.”

The analytics that score breaches on severity and generate custom corrective steps are results of Breach Clarity algorithms

Three Steps That Must Be Taken

Here are three steps every organization that suffers a breach needs to take to prepare for demands for more transparency and clarity about breaches:

*Ditch the opacity in breach related press releases.  Aim for more transparency, especially around what data was stolen, over what timeframe. 

*Breached organizations need use cybersecurity writers to polish releases.  By all means, involve lawyers and cybersecurity technicians. But writers specialize in the communication skills that will add much needed transparency.

*Be transparent about the cybersecurity steps that the organization has taken.  Don’t give cyber crooks a road map but do disclose to the public information that will help restore confidence.

###

Hear a half-hour podcast with Jim Van Dyke here.  

Blah Tech Coming to a Hotel Near You: We Need Major Fixes Now

by Robert McGarvey’

The headline in hotel trade pub Hotel News Now made me wince: “Personalization, Tight Budgets Dictate Hotel Tech in 2021.”

The sub-head was the face slap: Lack of Funds Hamper Tech Improvements.

Here’s the problem: pre-Covid most hotels I stayed in desperately need significant tech upgrades.

In the Covid era that has not changed. In fact, hotels need more tech because of Covid such as touchless, keyless room entry, apps that permit self-check in and checkout without interacting with a front desk, and – ideally – I want just about everything in the room controllable by an Alexa or Google device and, yes, I have both apps on my phone and both kinds of devices around my home.

Just as I can turn on a light, or a TV, without touching the device at home I now want that same interface in shared spaces such as a hotel room.

Sure, the Covid crisis will pass and probably by mid 2022 just about all of us who will get vaccinated will have been. Business travel will substantially pick up, possibly in Q4 2021. It will never reach the heights it achieved in 2019 but pick up it will.

But we’ll be wanting all that touchless and remote interface tools in hotels even once Covid begins its slow vanishing act because we have gotten used to them.

There goes a good chunk of hotel tech monies.

The money pile will definitely not be tall because hotel analytics company STR has officially declared 2020 the “worst year on record.” How bad is it? So bad that already bottom feeders are circling, looking to pick up failing hotels for pennies on the dollar.

Here’s the problem: there already was a stack of critical hotel tech upgrades that had seemed to be on permanent pause, despite their being needed.

Such as?

In case it has been so long since you have been in a hotel that you have forgotten the tech miseries they inflicted on us, here are the three worst.

Dramatically better hotel WiFi is necessary. Zoom recommends a minimum speed of 1.5 MBPS – but personally I want many times that.  I usually connect at around 350 MBPS – 346 this a.m. – via Google mesh and still I have recurring sound issues on Zoom.  

How fast is hotel WiFi? A website hotelwifitest says it has the data and, in a glance at Phoenix, the fastest wifi I saw was 26.9 at Aloft Airport.  The slowest was 4.6 at Pointe Hilton Tapatio Cliffs Resort.  

I cannot vouch for the recency of these data but it doesn’t matter. Those who have used a lot of hotel wifi don’t need a website to tell us the obvious: hotel wifi sucks.

Wifi at events and meetings is if anything worse than in-room wifi.

Remember, use VPN and your speed loss may be 10 to 30%, sometimes more.  

These speeds are abysmal.  Why so slow? Hoteliers have simply been reluctant to invest in the gear needed to up the speed – even as guests stumble with connections to everything from Netflix to Zoom to corporate servers.

We live online, in the cloud, and yet hoteliers are foisting antiquated and slow Internet at us.

It has to stop and, very probably, as travelers return to hotels one of the first things they notice is the lack of Internet speed.  Complaints will be loud, angry and possibly online (if the users can get online). Get in line and be ready to yell.

Improved cellular access is a must.  When my home WiFi goes out, I shrug, pick up a T-Mobile phone and create a hotspot (and the cellular data is free on that account).  How easy is that?

Except it often doesn’t work in hotels where bad cellular is a longstanding problem.  Here’s a 2004 New York Times article headlined: The Cellphone That Doesn’t Work at the Hotel.  

Nothing has improved in 17 years.

Often, too, the voice connections also falter. How often have you had dropped calls at a hotel?

There are fixes, they are known – but hoteliers haven’t wanted to spend the money and that was before the pandemic.  Their willingness to part with the cash for reliable cellular is no higher now.  

Maybe they still hope we will pick up their inroom phone and use it (although I cannot remember the last time I did).

So shall we must and will yell about bad cellular when we are back on the road.

Porous hotel cyber security.  I have written about this so often I have little left to say except that our personal data – everything from credit card numbers to loyalty account log ins – has been leaking out of hotels for decades.  

Hotels need to take this seriously and agree to a hotel safe data pledge.  

We need to yell, loudly and often, to remind hotels they are compromising our Internet security by not taking their own security seriously.

That’s three big tech steps forward, on top of the Covid related steps. Will hoteliers heed any of our demands?  What I can say with certainty  is that if we don’t lift our voices they will do the same exact nothing about these three tech frailties for a decade.

Speak up or suffer in silence.

Doubling Down on ATMs: Return from the Death

by Robert McGarvey

Just when you thought ATMs had to be going down for the count—and, honestly, who didn’t think that as the pandemic took hold?—the rumbling is loud that ATMs are emerging as a low cost branch replacement option.

Understand, too, that closure of bank branches is on a fast track. Pymnts forecasts that some 20,000 bank branches will close by year-end, mainly because many of us have shifted our banking to digital channels and correspondingly have cut back on branch visits. Personally, I cannot remember the last time I was in a branch. Recently, when I walked by the branch I had very occasionally visited, it had plywood on the windows and doors and a notice that it was closed.

Michael Perito, regional bank analyst for Keefe Bruyette & Woods, a New York investment bank, is on record saying that there needs to be closures of perhaps 20 to 30% of branches—“and that’s a conservative estimate.”

Sure, credit unions are unlikely to close as many branches as banks will because the industry is not over-branched the way money center banks in particular are. There will, however, be closures of credit union branches in neighborhoods where they are not demonstrating there is a need. And other branches will close as institutions “right size” branches from yesteryear’s 3,000+ sf to under 1,000sf (and often just a single teller line, down from the four to eight of yesteryear).

Call this a big branch rethink where what will emerge is the branch of tomorrow. Few believe credit union branches are disappearing. But many think that tomorrow’s branches will make much more use of self-service tools and technologies.

Continued at CU2.0

The Banking Competition Turns White Hot: How Will You Fight Off the Non- and Neo-Banks?

by Robert McGarvey

Just when you thought business couldn’t get tougher—most credit unions now are wrestling with collapsing loan revenues as interest rates continue to tumble. And yet, more non-bank competitors enter the fray.

Sure, some experts shrug them off. The ABA Banking Journal, in a recent story about the rise of non-banks, features this quotation: “‘I saw the other day that I can get a bank account with T-Mobile or something, but I don’t want to bank with T-Mobile—I just can’t imagine that there will be millions and millions of American that are,’ remarks Canapi Ventures partner Walker Forehand.”

I can imagine it and my advice to you is do likewise. You do not have to open a T-Mobile banking account. But work at understanding why some of your members will.

And it’s not just T-Mobile. Suddenly, everybody from neo bank Lili—featured in this CU2.0 write up—and of course Apple (with Apple Pay and Apple Card) is plunging into banking.

Continued at CU2.0

Hospitality: When Will We See a Hotel Safe Data Pledge?

by Robert McGarvey

I applauded when I saw the headline earlier this year: “Marriott International faces class action suit over mass data breach.”

Hotel groups have mismanaged data security for at least a decade. This negligence has put our data in the crosshairs of cyber criminals.

In the Marriott case, the source of the malaise is Starwood, which Marriott acquired in a merger. With Starwood, the group also acquired a massive data breach. Hotel News Now reported that approximately 327 million guests were affected by the breach.

Why am I re-hashing this sorry affair now, two years after the breach was announced? Because the saddest part is that the industry hasn’t learned from it.

Continued at Cybersecurity Writers

CU2.0 Podcast Episode 124 John Findlay on Digital Academy’s Tools for Getting Employees, Members Ready for Digital Banking

 by Robert McGarvey

A dirty secret inside credit unions is that many frontline workers – and very possibly most senior staff – just do not use their institution’s digital banking tools. Why bother when you work in a branch?  Just walk up to a teller and, whoosh, task handled.

And then along comes a pandemic that closes many branches, and makes many members and employees leery of setting foot in the open ones, and suddenly there is a stampede to adopt digital.  A couple problems however.  A lot of the institution’s staff cannot adequately explain how to use the tools because of their own lack of familiarity and a lot of the members who are newly adopting digital are starting at ground zero and genuinely need help.

Enter John Findlay’s Digital Academy, a SaaS (software as a service) tool that aims to solve both problems for credit unions.

Better still: right now there is a 90 day free trial because, says Findlay, the company wanted to do its part in helping financial institutions and their members and customers meet the challenges posed by the Covid-19 pandemic.

What Digital Academy gives financial institutions is an automated way to create an instructional walkthrough that can be used by members and employees alike. How easy is it to create this? Often an institution can create a walkthrough for, say, Mobile Remote Deposit Capture in perhaps a half hour, says Findlay.

How can it be that easy? Remember, it’s automated.  Basically the credit union grabs perhaps a half dozen screen shots. How simple is that?

The cost? Findlay says the company’s tool kit is available for a fee correlated to asset size. An institution in the $100 million range might pay around $15,000 annually. An institution with $1 billion in assets might pay $100,000 annually.

He stresses that significant staff technical expertise is not required to create an instructional walkthrough.  The aim of the tools is to democratize the creation of learning tools.

You wish you already had it? Remember that 90 day free trial…and, says Findlay, so far every institution that has taken the trial has chosen to sign on as a customer.

Hear the podcast to find out why Findlay developed the Digital Academy tools and more details about exactly how easy they are to use.

In the podcast there is mention of a CUBroadcast show – here’s the link.

There’s also mention of a podcast about the CU2.0 Mastermind group – link here.

Listen here.

Get your FREE ticket to the December 9th CU2.0 Fintech Mastermind Presents Showcase Day 2020.  This is the first of its kind event where CU 2.0 has brought together the industries’ top leaders form well known Credit Unions and paired them up with top Fintech experts in one place! Our subject matter expert will help you and your organization tackle the top issues we face today with unique master classes, tailored for folks just like you.

Get your ticket at Eventbrite. 
Click here.

Read up to learn more about Mastermind groups here in this CU2.0 blog post.

Hear the first CU2.0 Mastermind podcast here.  In this episode Kirk Drake and Dr. Patty Ann Tublin, who facilitates the CU2.0 Mastermind groups, talk about why and how Mastermind groups work and who will benefit from them.

Like what you are hearing? Find out how you can help sponsor this podcast here. Very affordable sponsorship packages are available. Email rjmcgarvey@gmail.com

And like this podcast on whatever service you use to stream it. That matters.

Find out more about CU2.0 and the digital transformation of credit unions here. It’s a journey every credit union needs to take. Pronto

CU2.0 Podcast Episode 123 Octavio Marquez Senior Vice President and Managing Director, Global Banking Diebold Nixdorf on ATMs

by Robert McGarvey

Is now the time to bury the ATM?

A few months ago the answer looked like a definite maybe but now, says Octavio Marquez, Senior Vice President and Managing Director, Global Banking, Diebold Nixdorf, ATM traffic is up across much of the US and oftentimes it is higher than pre-pandemic levels had been.

What’s happening, says Marquez, is that financial institutions – credit unions very much included – are rethinking their branch networks and in that process many are also rethinking the role of the ATM.  That new look at ATMs is accelerated by the reality that many of us are seeking to minimize person to person interactions.  And financial institutions are also beginning to look at the ATM as not just a piece of machinery but as a useful player in digital banking.

Along the way, Marquez talks about new uses for ATMs. They no longer are just about spitting out money and taking deposits. On many we can now pay utility bills.  Some can also perform KYC chores for a credit union. Some can print out and distribute a new debit card.

Clearly it’s no longer simply your father’s two note machine.

The podcast opens with a brief discussion of a new partnership of Truliant Credit Union and Diebold Nixdorf where DN All Connect Services are now available to Truliant members.  Said the press release, “The comprehensive service will increase branch and ATM channel efficiency, offer enhanced digital integration and provide members with modern and convenient self-service banking options.”

Rik Kielbasa, chief digital officer at Truliant, said: “Our expanded partnership with Diebold Nixdorf will help us anticipate future market needs and develop even stronger connections with our members. User expectations around ATM services are constantly evolving, and enhanced functionality allows us to exceed these expectations and increase service levels. Implementing DN Allconnect Managed Services offers opportunities to continuously optimize the member experience so we never miss a moment with them.”

In the same press release, Marquez said, “Together, we’re on a mission to amplify Truliant’s membership through a truly consumer-centric, highly-available ATM experience.”

Listen up.

Get your FREE ticket to the December 9th CU2.0 Fintech Mastermind Presents Showcase Day 2020.  This is the first of its kind event where CU 2.0 has brought together the industries’ top leaders form well known Credit Unions and paired them up with top Fintech experts in one place! Our subject matter expert will help you and your organization tackle the top issues we face today with unique master classes, tailored for folks just like you.

Get your ticket at Eventbrite. 
Click here.

Like what you are hearing? Find out how you can help sponsor this podcast here. Very affordable sponsorship packages are available. Email rjmcgarvey@gmail.com

And like this podcast on whatever service you use to stream it. That matters.

Find out more about CU2.0 and the digital transformation of credit unions here. It’s a journey every credit union needs to take. Pronto

Climb Aboard the Contactless Revolution

By Robert McGarvey

What a difference a pandemic makes.  Just six months ago when contactless payments came up, credit union c-suiters, most of them, yawned and dismissed it as a nice to have that hadn’t vaulted up to must have status – and, besides, many hundreds of credit unions are signed up for Apple Pay which gives users a version of contactless.  Who needs more?

More specifically: who needs a credit union contactless enabled debit or credit card?  Most credit unions, just six months ago, thought the right answer was not us.

That was then, this is now and now, in a in a pandemic, the consumer’s cry is getting loud: give us contactless and give it to us now.

Continued at CU2.0

CU2.0 Podcast Episode 110 The Omnichannel Voyage, Part 1 with Vince Bezemer of Backbase

by Robert McGarvey

For how many years have you heard about omnichannel banking – and you also know not many institution have done this more than pay lip service to an idea of the digital first financial institution.

About 90% of financial institutions in the US in fact fall very short of really getting omnichannel, says Vince Bezemer, head of strategy at Backbase, a digital platform provider with the tagline “Become the Bank that People Love.”

That means about 10% of US FIs are in fact digital first and of course that includes many of the biggest.

But it does not mean that credit unions can’t succeed in embracing a digital first strategy.

In fact now, in the Covid-19 era, many are going forward at high speed to become digital first.

As for Backbase’s pedigree, know that its clients include Navy Federal, State Employees Credit Union of North Carolina, and Schools First.

But Bezemer in this podcast stresses that Backbase has tools and services for smaller institutions too. 

This podcast is Part 1 of a two part series on digital first.  In this podcast Bezemer talks at length about what digital first means, why it is important, what institutions need to really do it, and why you don’t want to define your credit union with cookie cutter tools and apps that literally hundreds of other credit unions use.

In Part 2, you will hear from Wildfire Credit Union, a Backbase client that is deep into its transformation into a digital first institution. It’s a rare, candid look at what the process really is.

You know digital first matters.  

Listen up.

Hear the Backbase podcast here.

Like what you are hearing? Find out how you can help sponsor this podcast here. Very affordable sponsorship packages are available. Email rjmcgarvey@gmail.com

And like this podcast on whatever service you use to stream it. That matters.

CU2.0 Podcast Episode 99 Brad Smith on the Post-Pandemic Tech You Need Now

by Robert McGarvey

Call it a sea change – a massive alteration of the US financial services landscape.  Everything seems different today and it is because of the pandemic.

What do you need to be thinking abut now to survive tomorrow?

An interview I did with Cornerstone consulting firm’s Brad Smith for a CUInsight article left me wanting more from Smith and here it is, a one-on-one podcast where we hear what smart credit unions are doing today.

Like what? Like recognizing that the mainstage role of the branch finally is over, probably forever. Smith is not saying he thinks branches are toast – he doesn’t – but he thinks their role is necessarily changing as many of us have gotten accustomed to not needing the branch and many of us also are simply fearful of places like branches.

Much financial services has shifted to digital and there it will stay.

“The challenge for credit unions now is learning to sell through the digital channel,” said Smith – and many institutions are playing catch up.  There’s no time to delay.

An unexpected problem, said Smith, is that the economy’s collapse has necessitated taking a new look at the FICO scores that used to enable confident and instant credit decisioning.  But that 800 score of May may be today’s 700 score and falling due to late pays, job loss, and worse.  

How can an institution provide the fast decisioning consumers now expect – but do it safely? Smith has thoughts.

Another big winner today: MRDC, said Smith. Even those who had scorned it are diving in.  

One more big winner: video chat.  We use it at work and we are now ready to use it in financial services. “Video conferencing will be another net winner,” said Smith.

An area where credit unions need to hop to it: credit card rewards programs need restructuring. The big players – Amex, Chase, Capital One – already are on the move.  Credit unions need to think fast and hard about this. But not many are, Smith admitted.

A last pandemic triggered push: a huge drive for cost savings and efficiencies. Many credit unions are looking to trim costs on commodity tech – think core systems – and redirect monies into strategic tech – such as true digital account opening.

Big changes are in motion.  Smith offers a road map in this podcast.  Take notes.

Hear the Smith podcast here.

Like what you are hearing? Find out how you can help sponsor this podcast here. Very affordable sponsorship packages are available. Email rjmcgarvey@gmail.com

And like this podcast on whatever service you use to stream it. That matters.

Find out more about CU2.0 and the digital transformation of credit unions here. It’s a journey every credit union needs to take. Pronto