BankThink

Where Banks Failed, a Video Game Succeeded

Years ago, banks gave up on selling tokens generating one-time passwords. The pitch – improved security for online shopping – failed to register with consumers.

Maybe the banks should have offered to throw in an animal as part of the deal.

Forty percent of players of Activision Blizzard's online game World of Warcraft have paid $6.50 each for a security token to protect their accounts, totaling $26 million in revenue from security device sales, according to a VentureBeat story. At the very end, the story mentions users of the token also get a virtual pet to show off to other players within the game.

I wonder: are the players really buying security — or are they buying a pet? If the latter, is this sales pitch something banks could have used?

The banking equivalent to this might be affinity relationships and check designs. I always think back to the 2005 purchase of Liberty Enterprises Inc. by rival check printer John H. Harland Co. (now M&F Worldwide's Harland Clarke) because of the role Popeye, Superman and Batman played in the deal. Harland wasn't just buying a competitor — it was getting access to a wealth of desirable licensed characters. Even today there are people trying to sell banking relationships based on such affinities, including Wag, a nascent online bank for dog owners.

In theory, a bank could take a cue from Blizzard and promote security by offering certain check designs or affinity perks to consumers only after they agree to use a password token.

Unfortunately, if this idea could have worked, its time has likely passed.

Celent's Jacob Jegher, who brought the Warcraft story to my attention by tweeting about it, says banks have traditionally used perks to acquire customers: you offer the free toaster (or, these days, an iPod) to get a new relationship, not to change behavior.

More importantly, he says, the security gains from distributing tokens may no longer be worth the effort.

"Even if banks started dishing out tokens to consumer markets, fraudsters have found ways around that," he says.

Back in 2005, when banks were evaluating one-time password tokens to help them meet new security guidelines, the keychain devices were held in higher regard. But since then, the Zeus malware has run rampant and a data breach at EMC Corp.'s RSA Security, a major supplier of tokens, has eroded trust in the technology.

Maybe someday, with newer security technology, we'll see banks turning to Superman and his peers to get consumers to improve their security.

Daniel Wolfe is an editor for risk management at American Banker.

For reprint and licensing requests for this article, click here.
Consumer banking Bank technology
MORE FROM AMERICAN BANKER