Personalized service often comes at a cost—but consumers have proven time and time again that they are willing to share their personal data in exchange for quick and accurate service. A recent study conducted by YouGov found that 39 percent of consumers would share personal data in exchange for faster issue resolution. That data sharing comes with increased expectations, too, particularly for the 59 percent of millennials who noted that their customer service expectations increase as they share more data.
Due to the often time-sensitive and personal nature of finances, customers expect fast, accurate responses from banks and financial institutions—the kind of speed that often can only be provided by companies that employ live agents assisted by chatbots. But in the wake of last year’s damaging data breaches, including those by Google+, Marriott Starwood Hotels and T-Mobile, consumers were left wondering: is it safe to use my bank account number in a chat window?
Balancing innovations in customer experience with security is paramount for the highly-regulated banking and finance industries. When deciding on a chat provider, companies need to keep the following security features top of mind so that they can provide exceptional, personalized and efficient customer experiences while keeping customer data safe.
User and agent authentication
For customers, security concerns begin before they even enter the chat window. Banks and financial institutions need to verify that their chosen digital customer experience technology has stringent identity management capabilities to authenticate both parties in the chat window. Some chat software can allow customers to verify their identity by signing in through social media, a mobile app or with their online banking profiles.
However, security concerns aren’t limited to the customer. On the bank’s side, there are steps that can be taken to confirm that only authorized agents are logging in to assist customers. To prevent someone from pretending to be a customer service agent, financial institutions can elect to restrict access to agent chat consoles by IP address—the internet’s way of identifying who’s who. Most often this would be limited to the company’s own IP range, but can also include IP addresses for agents who work remotely. If hackers try to access the agent console from anywhere else, they’ll simply be blocked.
Chat systems that protect the conversation itself
Once both parties have securely entered the chat window, the company’s digital customer experience technology must ensure that the sensitive nature of the conversations customers are often having with their banks’ chatbots and agents are kept secure. Financial institutions are already mindful of their storage of consumer data, but they must make sure their policies and protocols extend to wrap around their customer experience technology. If customers can make transactions or payments in the chat window, it is imperative that it adheres to the Payment Card Industry Data Security Standard (PCI DSS). Compliance with PCI DSS is not offered by all chat providers, so it is something financial institutions need to look for when selecting a digital customer experience solution.
Another security protocol that must be top of mind is encryption. Even if it is customary to offer a text transcript of the chat to the customer for transparency purposes, private data should be eliminated or at least encrypted. One way to protect private data is with data masking, a tool that blurs out sensitive information that the customer inputs, such as their credit card number, from the agent’s chat window. In addition, if the chat provider is PCI DSS compliant, the conversation will only live in the chat window and, when the chat ends, the data is purged. This ensures that credit card numbers and account information are not recorded in the chat transcript or anywhere else.
Bringing in the right teammates at the right time
Selecting a digital customer experience technology provider has always been a team effort, but with issues of security especially important to the finance and banking industries, it is imperative that the CIO and IT team join the customer experience experts as early in the search process as possible. This ensures that when scoping out different products from chat providers, the technology that is chosen fits the needs of all the involved parties and complies with the security regulations and policies required of their industry. Providers should be able to back up their regulatory compliance and protocols with evidence so that companies can ensure their solution meets the stipulations of all involved. Chatbots from certain providers can meet expected security requirements without sacrificing any of the capabilities that their customers expect.
If consumers can trust e-commerce websites to securely process transactions worth thousands of dollars, then there is no reason why they should feel differently about entrusting their bank to do the same. Banks and financial institutions have been slow to stray from traditional methods and adopt chat technology due to security concerns. However, chat and other digital engagement tools are in high demand by customers in many other industries, even those that are highly regulated. Banks and financial institutions are increasingly compelled to offer these technologies to improve customer satisfaction and can do so without compromising security or compliance.