No critics of slow-going on-line account aggregation, the trend toward stronger user authentication underscores an obvious point: It could be a pipe dream after all.
Forrester issued a report in June pronouncing the "death knell" for account- aggregation services with the advent of multi-factor authentication. Besides producing only lukewarm interest to begin with, aggregation of consumer banking and financial services accounts now clashes with an incompatible anti-fraud technology, the report said. That a customer could use an intermediary service to handle two-factor sign-on procedures makes its implementation even more unlikely, the report notes.
But a caveat in this troubling outlook for on-line aggregation is the focus on services as "currently implemented." For data-aggregation firm Yodlee, a new avenue of aggregation is already being paved, whereby the stand-alone aggregation application is evolving into a new role as a platform to "turbo charge" existing bill payment, presentment, funds transfer and other capabilities for a bank's on-line services, says Schwark Satyavolu, CTO Redwood Shores, CA-based Yodlee. "Aggregation itself is sort of at a point where it's of inflection in terms of its use and how it's perceived," he says.
In June, Yodlee announced a revamp of its on-line bill-pay and personal financial-management products to accommodate PassMark Security multi-factor technology. The company has also worked for years with organizations like the BITS consortium of the Financial Services Roundtable to take inventory of banks? investments in bill-pay, on-line banking and other technologies, and how they "might actually be alleviated or managed if the time comes to put some of these strong authentication [features] out there," says Satyavolu. The BITS work led to a consortium proposal last year to allow aggregation firms to compile data through the Open Financial Exchange standard that supports personal financial software.
In a new report from Celent, the convergence of on-line banking services with PFM services-what Celent terms personal cash management-is being built by on-line bill pay firms like CheckFree as well as "traditional aggregation companies [which] are also offering new approaches to bill payment that combine a revenue-generating approach in combination with PFM Lite capability," it said. These services can perform aggregated functions like authenticating outside accounts for funds transfer in real time, and pushing financial services statements through encrypted e-mail that can include a "pay now" link.
With the on-line banking channel now handling more transactions than any other channel at large banks, Celent reports, institutions must strain to find new revenues to handle the expensive maintenance required for their Web presence. Without aggregation, building the necessary financial-planning tools into these enhanced on-line banking features isn't possible.
Aggregation firms "have really become niche players as applications on the banking side," says Jim Van Dyke, founder and principal analyst of Javelin Strategy and Research in Pleasanton, CA, and a longtime aggregation-sector critic.
Where Van Dyke says firms like Yodlee and funds-transfer application vendor CashEdge have been especially adept is targeting banks and brokerages expanding services for high-net-worth individuals. CashEdge this year launched a funds transfer/aggregation product through partner Digital Insight.
When Yodlee announced its alliance with PassMark, the company gained immediate viability with accounts at Bank of America, which launched a multi-factor PassMark token solution branded SiteKey that rolled out nationwide in July. It could widen its reach if it successfully marries Yodlee services with the RSA Security's SecurID concept that Satyavolu says could be completed by year's end. Although a higher-priced product because of its use of registered RSA tokens-such as a keychain-RSA may attract financial institutions since so many use it for their internal corporate environments. Only on-line brokerage firm E*Trade has adopted RSA SecurID for consumer use, according to Satyavolu.
As far aggregation being "dead," Satyavolu says, "that hypothesis hasn't really proven itself out. There is a bunch of different implementation out there that we've effectively been able to have created a compatible infrastructure with."
