• Home

  • Documents

  • A good user experience is a safer user experience
3
Treasury and Trade Solutions A good user experience is a safer user experience User-centered design not only improves interaction with bank solutions but can also deliver enhanced security without increasing friction, write David Coutinho, Global Head of Digital Channel Capabilities and Raj Shenoy, Global Head of Digital Security at Citi Treasury and Trade Solutions. Any ambitious bank’s goal is to create connected solutions that allow users to interact with the bank in their preferred way, whether embedded in their own ecosystem or the bank’s ecosystem. One way to achieve this is to deploy design thinking – also known as user-centered design (UCD) – to ensure that problems are addressed from the client’s perspective and that solutions are not force-fitted to client needs. How does this work in practice? Let’s look at one example: Payments are a core service for all corporates and a critical function for banks. But often making a payment can be a lengthy and onerous process given the multiplicity of payment types and instructions (which help payments navigate through the bank’s network) available around the world. When engaging clients to better understand their challenges, Citi identified payments as a common friction point. Citi dimensioned this anecdotal feedback via data analytics on the client population and validated that the investment required to fix the problem would be worthwhile – and then set to work. David Coutinho Global Head of Digital Channel Capabilities, Treasury and Trade Solutions, Citi Raj Shenoy Global Head of Digital Security, Treasury and Trade Solutions, Citi

A good user experience is a safer user experience

  • Upload
    others

  • View
    15

  • Download
    0

Embed Size (px)

Citation preview

Page 1: A good user experience is a safer user experience

Treasury and Trade Solutions

A good user experience is a safer user experience

User-centered design not only improves interaction with bank solutions but can also deliver enhanced security without increasing friction, write David Coutinho, Global Head of Digital Channel Capabilities and Raj Shenoy, Global Head of Digital Security at Citi Treasury and Trade Solutions.

Any ambitious bank’s goal is to create connected solutions that allow users to interact with the bank in their preferred way, whether embedded in their own ecosystem or the bank’s ecosystem. One way to achieve this is to deploy design thinking – also known as user-centered design (UCD) – to ensure that problems are addressed from the client’s perspective and that solutions are not force-fitted to client needs. How does this work in practice? Let’s look at one example:

Payments are a core service for all corporates and a critical function for banks. But often making a payment can be a lengthy and onerous process given the multiplicity of payment types and instructions (which help payments navigate through the bank’s network) available around the world. When engaging clients to better understand their challenges, Citi identified payments as a common friction point. Citi dimensioned this anecdotal feedback via data analytics on the client population and validated that the investment required to fix the problem would be worthwhile – and then set to work.

David CoutinhoGlobal Head of Digital Channel Capabilities, Treasury and Trade Solutions, Citi

Raj ShenoyGlobal Head of Digital Security, Treasury and Trade Solutions, Citi

Page 2: A good user experience is a safer user experience

3Treasury and Trade Solutions2 A Good User Experience Is A Safer User Experience

Citi has already done a proof of concept, built out quick prototypes, tested them internally and then extended the proof of concept to some clients.

Analysis of hundreds of thousands of beneficiaries revealed that in 80%-90% of cases the payment method used for a particular recipient does not change after the initial payment. Citi used this insight to create CitiDirect BE® Simple Payment, which uses machine learning to narrow the field of payment choices when payee information is entered. As a result, instead of entering information relating to 15 or 20 different aspects of the payment, the client just has to state who they want to pay, how much, and when.

Citi has used UCD in a similar way to improve clients’ login experience for solutions such as CitiDirect. As a global institution, Citi is subject to regulatory requirements across the world, many of which relate to how users access digital platforms. To comply with these requirements, Citi ended up with seven different available login mechanisms, making the process complicated for a first-time user.

Using real-time telemetry, which tracks users’ experience and identifies process elements where users most often encounter problems, Citi made improvements to the login process. The solution is similar to Simple Payments in that it intelligently narrows the range of choices available to the user based on the first piece of information they input – who they are. As a result, they only see choices that their credentials actually give them access to.

Citi has already done a proof of concept, built out quick prototypes, tested them internally and then extended the proof of concept to some clients. This was adjusted based on feedback and user experience and will soon be deployed for more clients.

UCD has also informed Citi’s automated onboarding solution, which accelerates clients’ time to market when adopting new solutions. Historically, onboarding has been an analogue process involving form selection, manual data inputting, uploading to the system, instructing capabilities, scheduling training for users and then sending out user credentials: the entire process can take months.

In the last year, Citi has increasingly moved to a digital onboarding process, which starts with the Citi salesperson asking who (at the client) will supply the relevant documentation. This individual is given digital access that allows them to upload documents and the data required to set up the solution. Using API-based solutions, Citi can set up a CitiDirect client definition (which outlines how clients interact with Citi products and services), automatically apply entitlements to these products and automatically add any relevant accounts to the client definition.

All of this typically takes place within minutes and in anticipation that the client will successfully complete the documentation – because in almost all cases this is what happens. Once Citi has the documentation and confirmed that it is complete, then the client’s security managers (who are responsible for, among other things, adding additional client-side users) provide users’ information (name, contact information, etc.). An API-based solution then sends out a welcome email to these new users that gives them initial low security access.

All users go through an automated new user registration process that allows them to choose a secure authentication option that they are comfortable with – some clients prefer the use of mobile devices and others use alternative authentication processes. The registration process automatically triggers delivery of their chosen security option, either electronically or by couriering a physical token. The entire process typically takes around two days.

How UCD can improve securityFrom Citi’s perspective, security is about working in an effort to ensure the person the bank interacts with is who they claim to be and that they are authorized to perform the functions they wish to. To do that, authentication and verification are necessary. How can UCD make these processes easier and more effective?

UCD helps identify client friction points associated with security – such as when customers have to authenticate themselves – and helps resolves them. Most banks rely on a physical token for login; customers enter a PIN and receive a one-time use code. While this is considered a secure option, it can be inconvenient for users, especially if they have multiple tokens for different accounts and travel frequently.

The solution is to use an item most people have with them at all times – a smartphone. Rather than a physical token, a software token is generated using an app. Citi then iterated this idea further, seeking to overcome the inconvenience of having to manually retype the code into a PC. As most smartphones now have active biometric capabilities (either facial or fingerprint recognition features), the smartphone is used as a complementary device, not only providing access to the CitiDirect mobile banking app but also to the desktop version; a push notification is sent from the PC to the smartphone when the user enters their ID, prompting them to use the biometric sensor on their smartphone to log in.

UCD is also valuable in tackling one of the greatest challenges facing companies in the 2020s; cyber security. Cyber criminals become more sophisticated every year, so it is essential to constantly explore new ways to combat the threats they pose.

Page 3: A good user experience is a safer user experience

Treasury and Trade Solutionsciti.com/treasuryandtradesolutions

© 2020 Citibank, N.A. All rights reserved. Citi and Arc Design is a registered service mark of Citigroup Inc.

1977259 05/20

UCD is also valuable in tackling one of the greatest challenges facing companies in the 2020s; cyber security. Cyber criminals become more sophisticated every year, so it is essential to constantly explore new ways to combat the threats they pose. One additional weapon in the battle against cyber crime is to use technology to continuously verify user’s identity after they log in. Doing this with active biometrics would be disruptive to users – but UCD identified an alternative.

One of these technologies currently being rolled out by Citi is behavioral (or passive) biometrics. This technology uses advanced data techniques to identify unique traits in how people interact with their PC, such as how they move a mouse, navigate an app or type. Because they operate in the background, passive biometrics are unobtrusive and invisible to users.

Only if an anomaly is detected, the user is asked to verify their identity. This could involve re-authentication using active biometrics or a code from a physical or software token, answering a question (selected and answered by the user in advance) about their favorite food, for instance, or inputting a code sent to the user by email or SMS. Corporates have maker/checker processes so that no single individual can both initiate and validate a transaction; these are used as an additional line of defense, with a checker alerted to look carefully at any transaction the user exhibiting unusual behavior has initiated.

Another way that UCD can improve security is by simplifying processes associated with entitlement management. Client’s security managers are responsible for updating entitlements; making changes is often complex and time-consuming. By adopting a UCD mindset, Citi is evolving the process so that the screens the security manager interacts with most frequently are simplified. Most importantly, the concept of user personas has been adopted, so that when individuals change roles their entitlements can simply be copied by the security manager to the person who takes over that position, rather than starting the entitlement process from scratch. Similarly, it is possible for the security manager to clone existing entitlements from one role to another, streamlining the creation of a new user. By making the process simple, it enables better security administration.

Convenience and security can go hand-in-handUCD delivers the power of personalization. As a result, it provides an opportunity to significantly improve how customers interact with Citi solutions and, by making it possible to understand customer behavior more deeply, can play an instrumental role in enhancing security without increasing complexity or friction. Indeed, just the knowledge that Citi is deploying invisible, intelligent security helps enhance customer safety by dissuading bad actors – they are likely to turn their attention toward an easier target.

UCD has already informed many Citi solutions, active biometrics is live in 70+ countries and passive biometrics has started to rollout; the expansion of both is expected to continue in the coming months. UCD and the power of personalization will continue to endeavor to make it faster, easier and more secure for clients to do business with Citi. As new technologies emerge, Citi will vet them to ensure they are secure enough to incorporate into the bank’s platform, and will consider their benefits through a UCD lens to continually simplify and enhance users’ experience.


User experience and Security in the Cloudsalsahpc.indiana.edu/CloudCom2010/slides/PDF/User...User Experience (UX)User Experience (UX) Persons’ perceptions and responses that result

User experience and Security in the Cloudsalsahpc.indiana.edu/CloudCom2010/slides/PDF/User...User Experience (UX)User Experience (UX) Persons’ perceptions and responses that result

Documents
Drivers You Are Missing in Content Marketing · + Mobile Friendliness + Social Signals + User Experience Technical SEO HTTPS (securing user info) ... It’s safer than HTTP and Google

Drivers You Are Missing in Content Marketing · + Mobile Friendliness + Social Signals + User Experience Technical SEO HTTPS (securing user info) ... It’s safer than HTTP and Google

Documents
Experience the i2 Summit for a Safer Planet

Experience the i2 Summit for a Safer Planet

Technology
Safer Community User Guide

Safer Community User Guide

Documents
Co-experience: user experience as interactionplyons/Papers (by others)/HCI/User...Co-experience: user experience as interaction KATJA BATTARBEE* and ILPO KOSKINEN University of Art

Co-experience: user experience as interactionplyons/Papers (by others)/HCI/User...Co-experience: user experience as interaction KATJA BATTARBEE* and ILPO KOSKINEN University of Art

Documents
Experience with the expansion of the Safer Clubbing network DC&D Safer Nightlife Group 23.10.2008, Bucharest Speakers: -René Akeret (Safer Clubbing Switzerland)

Experience with the expansion of the Safer Clubbing network DC&D Safer Nightlife Group 23.10.2008, Bucharest Speakers: -René Akeret (Safer Clubbing Switzerland)

Documents
Safer Access Selected Experience Israel

Safer Access Selected Experience Israel

Documents
How to make your internet experience faster and safer

How to make your internet experience faster and safer

Documents
Towards Safer Roads in Nigeria: 25years Experience · PDF fileTowards Safer Roads in Nigeria: 25years Experience ... • Towards Safer Roads in Nigeria: 25years Experience ... public

Towards Safer Roads in Nigeria: 25years Experience · PDF fileTowards Safer Roads in Nigeria: 25years Experience ... • Towards Safer Roads in Nigeria: 25years Experience ... public

Documents
OPEN SPACE newsletter€¦ · and safer user-experience in one of Albuquerque’s most treasured and living habitats-for humans and wildlife both-your Open Space Division-managed

OPEN SPACE newsletter€¦ · and safer user-experience in one of Albuquerque’s most treasured and living habitats-for humans and wildlife both-your Open Space Division-managed

Documents
Safer Community User Guide - Vanderbilt University

Safer Community User Guide - Vanderbilt University

Documents
User Experience is dead. Long live the user experience!

User Experience is dead. Long live the user experience!

Technology
ANALISIS USER EXPERIENCE DAN USER INTERFACE€¦ · skripsi analisis user experience dan user interface dengan pendekatan goms analysis studi kasus: tokopedia.com user experience

ANALISIS USER EXPERIENCE DAN USER INTERFACE€¦ · skripsi analisis user experience dan user interface dengan pendekatan goms analysis studi kasus: tokopedia.com user experience

Documents
User Experience Direct - Oracle · User Experience Direct (UX Direct) is an Oracle Applications User Experience (UX) program that provides user experience expertise to Oracle customers

User Experience Direct - Oracle · User Experience Direct (UX Direct) is an Oracle Applications User Experience (UX) program that provides user experience expertise to Oracle customers

Documents
User experience & design user centered analysis

User experience & design user centered analysis

Design
Kenya country experience: A Safer Cyber Space for Children · Kenya country experience: A Safer Cyber Space for Children Africa Child Online Protection (ACOP) Summit 15th-16th December,

Kenya country experience: A Safer Cyber Space for Children · Kenya country experience: A Safer Cyber Space for Children Africa Child Online Protection (ACOP) Summit 15th-16th December,

Documents
Info@userexperiencecenter.com User Experience Center - Profile Redefine User Experience info@userexperiencecenter.com

[email protected] User Experience Center - Profile Redefine User Experience [email protected]

Documents
User Experience in the Software Development Lifecycle · PDF fileUser Experience in the Software Development Lifecycle User Experience Lead ... •User Experience –the User Landscape

User Experience in the Software Development Lifecycle · PDF fileUser Experience in the Software Development Lifecycle User Experience Lead ... •User Experience –the User Landscape

Documents
Customer Experience VS User Experience

Customer Experience VS User Experience

Design
PERANCANGAN USER INTERFACE/USER EXPERIENCE …

PERANCANGAN USER INTERFACE/USER EXPERIENCE …

Documents
iSignthis - A simpler, faster and safer identity experience

iSignthis - A simpler, faster and safer identity experience

Economy & Finance
User experience

User experience

Design
Safer medical device user interfaces by Gerrit Niezen

Safer medical device user interfaces by Gerrit Niezen

Healthcare
User Experience SIG Anna Wichansky Senior Director, Applications User Experience

User Experience SIG Anna Wichansky Senior Director, Applications User Experience

Documents
User Experience User Guide

User Experience User Guide

Documents
Safer Internet Day 2010 Experience In Latvia

Safer Internet Day 2010 Experience In Latvia

Education
CAPTCHA: Impact on User Experience of Users with Learning ...User Disabilities, Accessibility, and User Experience Bevan’s (2009) study describes the user experience as including

CAPTCHA: Impact on User Experience of Users with Learning ...User Disabilities, Accessibility, and User Experience Bevan’s (2009) study describes the user experience as including

Documents