Top financial services companies' Web sites need work if they are to succeed as a channel promoting acquisition and retention of customers, as well as venues for cross-selling products, according to a study conducted by IBM Corp. (Armonk, N.Y.) and Watchfire Corp., a Kanata, Ontario-based e-commerce software and services vendor.
As financial services companies increase their adoption of the online channel, they face a challenge in securing customer trust. "Customers are worried about identity theft and other problems they associate with the Web, and they want to know that the sites they're doing business with are treating their information with respect," says Weider.
While there's always room for improvement, the presentation of the study's findings overstates the case somewhat, says Manuel Barbero, technology group leader, financial services, BearingPoint, a McLean, Va.-based business consulting, systems integration and managed services firm. "Based on my experience with Fortune 100 firms, the large financial institutions have done an excellent job," he says. "The vast majority of organizations have set up compliance mechanisms and processes-they're aware of what has to be done and they're implementing it."
The problem of encryption is more theoretical than actual, Barbero says. "Even to crack things at the 64-bit level requires a concerted effort with considerable computing power," he says. "Plus, there's an easy fix, which is to adopt the encryption with a longer key," such as adopting the 128-bit standard.
Regarding the study's findings on digital certificates, Barbero says the companies' performance is "imperfect, but I don't think that security officers should lose too much sleep over it."
Could Be Worse
John Brahy, director of research and development at ad2, a Santa Monica, Calif.-based company that crafts customer-facing IT solutions for businesses, says, "I think it's a good thing that the issues the study raises are not complicated. They could be much worse."
Brahy regards the IBM/Watchfire findings as more useful as "a usability study than a focus on security." Faults such as broken slinks and slow pages will drive people away from companies' sites, he says. "And spelling errors create a huge problem with credibility for financial institutions. It makes customers wonder if companies' staffs are competent."
Anthony O'Donnell has covered technology in the insurance industry since 2000, when he joined the editorial staff of Insurance & Technology. As an editor and reporter for I&T and the InformationWeek Financial Services of TechWeb he has written on all areas of information ... View Full Bio