Javelin’s 1st Annual Digital Holiday Spending Projections

Online commerce will take a bite out of brick-mortar retailers this 2015 holiday season

In a recent survey conducted by Javelin, consumers were asked what percentage of their holiday budget would be spent in ecommerce channels. The response received was an astounding 45% of that money would be spent in online and mobile stores. This is amazing. It is clearly a much higher percentage of digital shopping than we normally see as a portion of total retail sales. For the entire year of 2015, we expect online/mobile commerce to comprise approximately 9% of total retail sales, up from just 6% in 2010. This number should grow to 10.8% by 2019, according to our last online retail forecast which was recently released.


Online commerce takes a bite out of brick-mortar retailers this 2015 holiday season

Read the rest of this entry »

Why Banks Won’t Unplug Aggregators Like Mint

Giant banks are once again back in the headlines for disrupting the ability of personal finance apps such as Mint to collect customer financial data. On one level, it might appear that Aggregation_Gandalf.2015.11.10the banking industry is standing in the path of aggregators as if it were Gandalf, ramming down its staff and screaming, “You shall not pass!”

But that’s not going to happen. Incidents like this only inflame the debate raging among consumers, bankers, regulators and app makers: Whose data is it? As a result, these recent conflicts over the security of data could be the long-needed catalyst for an industry solution. If that happens, it actually would result in more sharing and easier access to data – and empower customers to do manage their money more effectively and wisely.

According to Wall Street Journal reports, the list of banks cutting off aggregators includes Read the rest of this entry »

Cybercrime on the Go – Don’t Forget the Mobile Device

As Cybersecurity Awareness month comes to an end, Javelin encourages everyone to recognize the cyberrisks related to mobile devices.  Most people have a reasonable awareness of good security safeguards for their computer – use antimalware regularly, avoid dodgy websites, and don’t respond to that grammatically torturous email from a Nigerian prince – he probably doesn’t actually have your best interests at heart. There is still a long way to go in many areas, especially around password habits, but the trajectory is headed in the right direction. The same cannot be said for our smartphones and tablets.

With mobile devices now ubiquitous, they are rapidly becoming the keys to their owner’s financial lives. From my smartphone, I can access all my online accounts (email, banking, and social networking, to name a few), make payments in stores and online, send money to friends, even open new banking accounts. More than that, for the security-conscious, smartphones act as additional safeguards against financial loss through one-time passwords and alerts. Despite pouring more and more value into their mobile devices, few take appropriate precautions to prevent compromise. Here are a few steps consumers should take to make sure that their smartphones and tablets stay firmly under their control.

  • Apply a screen lock: With so much personal information available on our mobile devices, it is unwise to leave them open for anyone to access. Unfortunately, only half of smartphone owners use even a rudimentary lock screen.  A simple password, pattern, or fingerprint lock creates a significant barrier to any miscreant who tries to access your data. Most mobile devices will allow you to set additional security features such as automatically wiping the phone after a number of incorrect password attempts.
  • Keep a clean device: Just like your computer, your mobile device is susceptible to malware. Keeping a clean phone requires many of the same habits as keeping a clean computer – avoid unsafe websites, do not open email attachments or links from unknown senders, and keep clear of applications from unknown publishers with few reviews. Additionally, many good antimalware solutions are available for mobile devices, to provide additional protection against compromise. Just four in ten smartphone owners use mobile antimalware software, leaving a lot of room for improvement.
  • Activate remote wipe capabilities: In the event that someone does steal your smartphone, remote wipe programs can make it impossible for them to access your information even if they know or guess your password. iPhone users have these features automatically built into their iCloud account and Android users should take advantage of Google’s Android Device Manager.

With so much room for improvement in consumer mobile security habits, what are necessary steps for financial institutions (FIs) and issuers looking to deliver products and services to consumers’ mobile devices?  As mobile threats grow more sophisticated by the day, FIs and issuers should be taking every opportunity to regularly educate consumers as to best practices.  They should also harden their applications against reverse engineering and implement stronger mobile authentication.  No one party can ensure that mobile devices are as safe and secure as they can be – it takes cooperation and shared responsibility.

Over the coming months Javelin is going to focus heavily on securing mobile devices and the transactions they facilitate.  Join us as we explore ways to mitigate the mobile-oriented cybercrimes that affect consumers, businesses, and their financial service providers.

Netflix CEO Reed Hastings Blames EMV for Poor Company Performance – Smells Like VW Again

Earlier this week, Netflix released its third quarter financial results.  In his letter to the shareholders and the rest of the world, CEO Reed Hastings, states “Our over-forecast in the US for Q3 was due to slightly higher-than-expected involuntary churn (inability to collect), which we believe was driven in part by the ongoing transition to chip-based credit and debit cards.” 

NOW WAIT A SECOND MISTER!  Did he just say they missed their subscriber forecast growth because of the EMV transition?  That the card companies changed the numbers on him so he can’t collect? Are you trying to sell me a “Clean Diesel” Volkswagen too?  Who do you think you are, Martin Winterkorn?  It took us years to sniff out the Clean Diesel thing, but Reed Hastings we are onto you.

Issuing EMV cards didn’t just happen in the last three months.  It’s not something the financial services industry cooked up to mess with Netflix.  It has been an ongoing event in the U.S. since 2012 and has been heavily covered in the news for the last 6 months.  Issuing of EMV cards will continue to be an “event” through 2018.  On a personal level, I have received new EMV cards this year from Chase, Citi, American Express, and Bank of America and let me tell you that none of the card numbers changed.  The major credit and debit cards issuers are taken painstaking efforts to make sure things like this don’t happen – if they lose a recurring bill it affects their bottom line too.  Also, why hasn’t any other major subscription service complained.  My subscriptions to Sirius XM, Pandora, Hulu Plus and my local health club haven’t complained.  So what’s up?

I think it may have more to do with Netflix losing Epix Movies to Hulu.

So Reed, I think it’s time to come clean and ‘fess up before you walk the plank with Mr. Winterkorn…



EMV’s 12 Elephant Fail and the Case for Contactless

It’s been a long anticipated issue with EMV – the time it takes to “dip” a card compared to the much accustomed “swipe”. It’s not so much the time it takes, it’s more that it’s dead time – you have nothing to do but stare at a POS display waiting for the acknowledgement that you’re able to take the card out again. Time stands still as you wait for a beep or a flashing light or confetti or something. Perceived wisdom is that that this is about four seconds.

With the big EMV transition literally days away at this point, I shouldn’t have been surprised on a weekend visit to the local Target to be prompted to use the chip that has recently appeared on my BofA debit card. I was. Instead, decades of muscle memory had me swiping the card repeatedly until I realized that the POS display was asking me to insert the card. It took the cashier telling me I had to insert the card for me to stop the rabid swiping frenzy. At this point, payment industry brain ousted weekend chore brain. My first EMV transaction in the US – okay, let’s count how long this takes…

Read the rest of this entry »

The TOPS Model – Understanding the key attributes of block chain technology

Beyond the headline grabbing stories about Bitcoin, the financial services industry needs to start considering the value of underlying technology backbone behind cryptocurrencies and why it could be valuable – the block chain.

So how does a block chain work and why could it be valuable?

TOPS Model on Block Chain Key Attributes

TOPS Model on Block Chain Key Attributes

Read the rest of this entry »