Security vs. Usability: The Trade-off

Author: David Webber

Anything that increases customer security is a good thing

A recent Which? report has crowned NatWest/RBS the most secure online banking provider, yet the consumer champion branded Santander the least secure provider due to its ‘inadequate’ logging out process. But is rating security features in this way accurate? And at what point does increased security start to impinge usability and customer satisfaction?

With online banking fraud losses hitting £40 million last year, anything that increases the security of customers’ accounts is a good thing, which is precisely why NatWest/RBS’s card reader scored so highly in the report. Customers are required to use card readers when transferring money to a new payee and when changing account details. However, our own research has found that this additional layer of security comes at a price. Nearly a quarter (23%) of consumers say they are frustrated by the need to use a card reader, while one in ten (11%) admit to having lost their card reader altogether and consequently are unable to access their digital banking system. For consumers who want to securely access their money at the touch of a button, such stringent security features are clearly a challenge.

Passwords present a similar issue. A quarter (25%) use the same password for most digital activity, while the same amount admit to writing down their digital banking passwords as they have too many to remember. Perhaps one of the most worrying facts I’ve heard is that ‘password’ was the most common password in 2012, according to password management software provider, SplashData. So, while asking consumers to input a robust eight, ten or twelve digit password can enhance digital banking security, it can also undermine it – particularly if the password is written on a scrap of paper, saved in a phone or simply called ‘password’.

From NatWest/RBS to Santander, every bank on the high street is taking steps to enhance the security of its digital banking systems. However, it is a constant balancing act between usability and security, not a simple case of who has the most visible security hoops for consumers to jump through. User experience plays an essential part in this and, when it comes to our money, it is not something we can afford to ignore. Ultimately, digital banking security doesn’t just need to be robust, it needs to be usable and understood by consumers in order to be truly effective.

21 Oct 2013

Author: David Webber

Anything that increases customer security is a good thing

A recent Which? report has crowned NatWest/RBS the most secure online banking provider, yet the consumer champion branded Santander the least secure provider due to its ‘inadequate’ logging out process. But is rating security features in this way accurate? And at what point does increased security start to impinge usability and customer satisfaction?

With online banking fraud losses hitting £40 million last year, anything that increases the security of customers’ accounts is a good thing, which is precisely why NatWest/RBS’s card reader scored so highly in the report. Customers are required to use card readers when transferring money to a new payee and when changing account details. However, our own research has found that this additional layer of security comes at a price. Nearly a quarter (23%) of consumers say they are frustrated by the need to use a card reader, while one in ten (11%) admit to having lost their card reader altogether and consequently are unable to access their digital banking system. For consumers who want to securely access their money at the touch of a button, such stringent security features are clearly a challenge.

Passwords present a similar issue. A quarter (25%) use the same password for most digital activity, while the same amount admit to writing down their digital banking passwords as they have too many to remember. Perhaps one of the most worrying facts I’ve heard is that ‘password’ was the most common password in 2012, according to password management software provider, SplashData. So, while asking consumers to input a robust eight, ten or twelve digit password can enhance digital banking security, it can also undermine it – particularly if the password is written on a scrap of paper, saved in a phone or simply called ‘password’.

From NatWest/RBS to Santander, every bank on the high street is taking steps to enhance the security of its digital banking systems. However, it is a constant balancing act between usability and security, not a simple case of who has the most visible security hoops for consumers to jump through. User experience plays an essential part in this and, when it comes to our money, it is not something we can afford to ignore. Ultimately, digital banking security doesn’t just need to be robust, it needs to be usable and understood by consumers in order to be truly effective.