On the Cover

Mobile means big changes for banks

Mobile technology is forcing a complete reinvention of the banking world, with demand for new services through a more interconnected community of users, businesses and services. The mobile generation has profound implications for South African banks, and banking users.

South African banks have historically enjoyed a reputation for pioneering online and electronic banking services. The rate of innovation appeared to be stagnating in recent years, but the last 12 months have seen major developments in online banking, and set the scene for another renaissance in electronic banking. Mobile devices – smartphones, feature phones and tablets – are driving a new generation of banking services and driving change within the banks’ internal operations. And personal financial management (PFM) has seen the introduction of a major American operator through local partners, with the potential to raise the bar for services available to banking users.

Local banks first moved online in the 90s, with basic transactional and business banking services. was the first, in 1996, with the other banks following suit shortly afterwards. And then, not a lot happened for another 15 years. Incremental improvements and new banking products were the order of the day, but with one exception – – the bar was set and would not be raised for several years.

Mobile banking is set to change that. All the banks have apps either in the market already, or in active development. () was first to market, launching its mobile app in mid-2011. Nedbank showed off the beta of its app a year later, with hot on its heels. , first to market with a Web site, will be last to market with an app – it has announced its app will be delayed until 2013. Capitec has yet to confirm its mobile strategy.

iWeek visited several of the banks, and was granted unprecedented access to the development teams building the next generation of banking products. Across the board, the messages were the same: mobile banking is hugely important for banks, customers can expect a major revamp in the products on offer, and the banks are undergoing substantial internal reorganisation to deliver these products.

South Africa, although lagging more developed countries in smartphone penetration, is nevertheless very ready for the shift to mobile banking. In SA, 21% of cellphone users own smartphones, according to research by earlier this year. That contrasts with over 50% deployment in Europe, but is accelerating fast. However, feature-phone penetration in SA is over 100% - there are more phones and SIMs in the field than there are people, meaning that banking services offered through USSD, WAP, and Java applications have the potential to reach a vast market. ’s Mobility 2011 survey showed that 37% of South African cellphone users make use of cellphone banking, though that is skewed towards urban users. Cellphone banking overtook PC-based online banking in 2009.


But why has it taken so long between generations of online banking? Fifteen years is a long time, but ’s innovation head, Itumeleng Monale, says the delay was not about the smartphone penetration or Internet availability.

“Banks are very conservative, and we all had a strict set of banking regulations to adhere to,” she says. “Those regulations were instrumental in protecting us from the banking crisis that affected the rest of the world, but they also gave us a comfort zone where there wasn’t a sense that we needed to push the boundaries and offer innovative in particular has taken an active role in fuelling smartphone and tablet penetration, offering a range of devices at subsidised rates, including s, notebooks, Android phones, BlackBerrys and more. The bank is also making good use of its telco licence, providing cheap ADSL and mobile bandwidth to its customers. The benefits to the bank are two-fold: encouraging customer migration from other banks, and driving adoption of its mobile banking products.


was the first local bank to move into the mobile app space, launching its app in mid-2011. , head of Connect ISP, said that from the launch of the mobile app a year ago, the bank is now seeing over 30 000 new app signups a month, with nearly a quarter of a million users. infrastructure architect Richard t" rel=tag>van der Walt, speaking at ITWeb’s “ in Enterprise” event earlier this year, said the banks had shipped more than 50 000 mobile devices, with over R6 billion in transactions conducted on the mobile app.

Christo DavelChristo Davel

The bank has launched other high-tech initiatives to keep its momentum up, such as a GeoPayment service, which allows smartphone users within 500m of each other to transfer funds without cash changing hands. Non- customers can receive funds into an e-wallet.

has a healthy head start with mobile banking, but the other banks are working to catch up. Nedbank launched its suite of mobile apps recently, and while it may be behind the curve, has spotted gaps to add unique (for now) services to its platform. The Nedbank app provides a framework into which the user adds widgets which then provide specific services, such as transactional banking, share trading (a service the bank is particularly proud of), foreign exchange rates, and a tool allowing business bankers to release batch payments.

That last feature highlights the benefits of mobile banking over Web services, says Nedbank executive . “Any business user knows what it’s like to get a call from your accountant, and have to pull over in traffic, open a laptop, plug in a 3G card, sign in and authorise payments. Now you can just open an app and authorise payments on the spot. Mobile banking is all about reducing friction.”


That, in a nutshell, is the value of mobile banking – the next generation of banking applications is fast, slick, simple, and mobile. Like mobile apps in general, most banks are focusing on a suite of apps, each with strictly limited functions, allowing users to pick and choose the tools they need.

Reducing friction, speeding interactions and simplifying the user experience are the hallmarks of mobile apps in many fields, but for banking this is particularly significant. Users expect simplicity and ease of use, but for a bank, with multiple separate divisions, disparate systems and complex backends tied together with middleware and messaging interfaces, it is enormously difficult to build a single interface.

Web banking is usually a portal to many different services – the user may perceive them to be operating through a single interface but the reality is usually very different. Each of the banks we talked to described a lengthy process of internal development to consolidate banking platforms before new mobile or online services could be developed.


For a bank, the existence of a mobile app raises potential beyond just everyday banking. “Once you have the secure channel to the user, there is a world of possibilities,” says Nedbank’s Woolnough.

For example, Nedbank is using the same app framework to deliver internal IT processes – among the available widgets in the demo unit are options, only available to Nedbank employees, to reset their domain passwords for the internal network, and generate one-time passwords for VPN access.

Neither functions have anything to do with banking, but show an imaginative use of an available platform to improve services, exactly the sort of thinking which pervades the innovative world of mobile computing.

The potential of that secure channel for up-selling services, possibly with partners, is an attractive proposition for banks seeing drops in response rates from e-mail and phone contacts.

With always-connected devices acting as portals to banking services, the role of banks is blurring, and allowing new entrants to provide alternative services, in turn raising questions about the role of currency itself. Kenya is the famous case study: M-Pesa launched in 2007, allowing cellphone users to transfer credit without the intervention of a bank.

Following widespread acceptance – more than 17 million M-Pesa accounts are active in Kenya – the service spread to other countries where it has received similar support. South Africa is an exception, though: Nedbank and launched M-Pesa into the domestic market in 2010, predicting rapid adoption to the tune of millions of users. A year later, only 140 000 users had signed up, with interest comparatively weak, and support from outlets limited.

launched its eWallet service in 2009, and forged a relationship with PayPal, bringing the popular online payment service to South Africa.

, the popular phone-based social network developed in SA, is hoping to reach the mass market. This year the network announced Money, a service built in conjunction with , allowing users to transfer funds between one another, and (for a fee) to users outside the network. CEO Jnr hopes to expand the service to other banks – providing a service able to work with any mobile network and bank may give it a better chance than M-Pesa. , with over 10 million subscribers, already has its own internal currency, Moola – Money provides a key link to the outside world.

Outright alternatives to traditional currency are also popping up online, and while most are limited to specific ecosystems (like Second Life’s “Linden Dollars”), the role of fiat money is increasingly in question. Bitcoin, an electronic currency based around cryptographic processes to ensure , is used internationally in an electronic barter system.

Mobile phone networks, with an existing trusted channel to users, are well positioned to partner with banks to deliver workable currency solutions – M-Pesa stands as a solid example of the tipping point that can occur once enough value is in a system, and users are transferring credit internally rather than exchanging currency, though South Africa has yet to reach the same point.


While banking services are streamlining how customers use their money, a new breed of service is all about helping them spend smarter. Personal financial management services have been popular in the US and Europe for many years, offering an aggregated view of spending across multiple financial institutions (including banks, loyalty cards, credit cards, and more), but were previous not available in SA. That changed in January, when 22seven launched, the brainchild of Christo Davel, previous head of defunct online bank 20twenty. 22seven, using the services of US service provider Yodlee, can use your banking credentials to extract transaction data from local institutions, and then provide visualisations to help users identify and improve their spending patterns. 22seven doesn’t have a mobile app available yet, but Christo Davel promises one will be available soon.

The banks initially reacted negatively to 22seven’s launch, with actively blocking the service from accessing its data, citing concerns with users being encouraged to give up their credentials to a third party. was the first to thaw, providing “view-only” access to account data.

At the time, the banks all indicated that they had PFM products of their own in development, usually centred around providing customers with a unified view of their financial position across that bank’s services, without the aggregation of external data.

In July, Nedbank announced My Financial Life, a PFM product using the same Yodlee service, offering a similar aggregated view of data from other institutions. That announcement, coming from an established bank, both raises the bar for the other players and vindicates 22seven’s position in the market.

Although neither Nedbank’s My Financial Life nor 22seven are aimed at mass-market users, the entry of aggregator services into the local market has profound implications for local financial services and loyalty programmes: where previous they could rely on walled gardens, the move is now towards an open environment with unprecedented access to data. Security has been a major facet of online banking since the very early days. In 2003, customers were targeted by an attacker who infected PCs with a Trojan containing a keylogger, which captured login details for accounts. Although the total losses were small, that propelled banking into the spotlight and resulted in a number of changes, including pioneering the two-factor process which is now commonplace, using a confirmation SMS or USSD exchange to acknowledge banking logins and sensitive activity such as adding beneficiaries. This raised the bar for attackers, but isolated incidents of SIM cloning have continued to keep on the radar. Clone SIM cards can be used to intercept these one-time passwords, allowing criminals to conduct transactions before the user can raise the alarm.

Just as was a key concern in the development of Web banking, it will remain a concern in the mobile era. Using a mobile device for banking removes the second factor from the two-factor exchange of an SMS – a stolen mobile phone has, by definition, access to both the banking app and the incoming SMS – so banks have had to look elsewhere for mechanisms to secure their interfaces.

Nedbank partnered with Cape Town-based Entersekt to deploy certificate pairs to smartphones, associating registered devices with specific accounts and avoiding the risk of cloned SIMs. The bank’s apps use a common PIN, only requiring an additional password for features like business banking. The PIN must be re-entered every time the app is opened, even if it is only closed briefly to answer a call, reducing the risk of a phone being stolen with an authenticated session open.

Like so many other day-to-day services, banking is experiencing a complete renaissance in the mobile era. We’re seeing new services launching thick and fast. Banks are rapidly moving towards offering slick interfaces for smartphones and mobile devices.

Aggregation services are changing the way we view money. Even traditional currency is facing a complete change in perception.

Some of that is just good timing, but some is actively driven by the proliferation of mobile devices. And with services being extended to feature phones, banking can avoid the digital divide among the haves and have-nots of the mobile Internet generation.