Our Viewpoints

Our Viewpoint

Downloadable Apps: The Risks, The Rewards and The Smartest Mobile Strategy

December 05, 2012

Like it or not, we’re all living in the age of mobility. Today, more than 37 percent of people in the United States own a smartphone, with a projected 70 percent penetration by 2014. Tablet devices are on an equally fast track, with U.S. adoption expected to grow from 12 percent to 23 percent by the end of 2012.

So, it only follows that mobile banking has taken off in a big way, with consumers wanting the same type of convenience from their financial institutions as they get from other types of businesses. To be effective, mobile banking can’t be a standalone channel, but another prong in your growing self-service offering. That means it has to give your users that same real-time experience that they get through Internet or voice banking – and the same level of security.

A mobile version of a static website is now just table stakes. Newer downloadable apps are taking center stage, enabling users to do everything from paying bills via smartphone to engaging the phone’s GPS to guide them to the nearest ATM.

App development companies are springing up everywhere, promising to produce exactly what community banks and credit unions need to compete. But, working with the wrong developer could put your institution at risk.

Before you make a move, it’s important to know the facts, so you can plan the most effective, lowest risk mobile strategy. Let’s take a look at some of the basics.

Browser-based vs. Downloadable Apps

Initially, mobile banking was browser-based, which means it was limited to what the Web browser could do. This method of delivery enabled users to access the Internet banking site for location information and basic data, like account balances and checks cleared, but lacked the ability to fully harness the power of the mobile device.

Downloadable apps, by contrast, auto-detect the device type, reformat to match that device, and make use of all of the mobile device’s features, to provide a richer user experience. For example, instead of simply seeing ATM locations, a downloadable app could access the mobile device’s GPS functions to provide a map and/or turn-by-turn, spoken directions, guiding the user to the closest cash machine. It could use the phone’s camera feature to facilitate the remote deposit of checks, or access the user’s contact list for person-to-person (P2P) transfers.

Unlike browser-based apps, downloadable applications must go through a certification process with Apple®, Microsoft™ and Google to be included in their respective downloadable app “stores.” This credentialing process occurs between the financial institution and the companies offering the app, not between the developer and the app stores. So, it’s essential you work with a developer who understands this process and can guide you through it.

Of course, with more capabilities comes more complexity and greater risk. Poorly written downloadable apps can pose security and compliance concerns. If you don’t work with a developer whose process is audited and has appropriate controls throughout the development lifecycle, you could put your board of directors and institution at risk by deploying non-compliant solutions.

Some companies are going to market with hybrid apps, which are products that simply wrap their app around existing mobile sites to display content. Although these providers claim to have an app using another company’s (like D+H’) browser content, deploying this type of app is risky, at best.

Choosing the Right App Provider

While it’s true that brilliant app developers are springing up all over, financial institutions need something more.

Your app developer has to be regulated, with processes approved by the Federal Government and audit controls that would pass the most stringent compliance audit. Do they comply with Segregation of Duties to prevent occupational fraud? Do they even know what these regulatory requirements mean? Do they develop your applications in a secure, controlled, regulated, industry-standard environment capable of passing any rigorous external audit? Do they protect your consumers’ non-public information?

The best approach is to work with a trusted provider that has experience with self-service applications, and is audited and compliant. D+H, who has launched its own downloadable P2P payment and mobile banking apps, has two decades of experience in self-service application development with chains of control that protect against security breaches and comply with regulatory requirements.

Planning Your Mobile Strategy

No question, the proliferation of mobile devices and consumer adoption across all demographics cannot be ignored. While it’s true that, to compete, institutions need to offer a mobile channel, the type of application depends on the market and the individual business case.

If you want to stick with the basics, like branch locations and simple balance inquiries, a browser-based application is the less complex, less expensive choice. But, if you want to add value to your consumers with mobile remote deposit, person-to-person payments or geo-location services, a downloadable app gives you those options – if you engage with a provider who can do the difficult things right. Only then will you protect your institution, your customer data and your reputation.


Nigel Prince
Senior Manager, Product Management – Self Service Channels

Nigel Prince has been with D+H for 14 years, serving a leadership role in various capacities. He led the Internet banking development team for several years, interfacing with many financial institutions, as well as third-party vendors and strategic partners. Nigel is now part of the D+H product management organization with specific responsibility for driving the strategy for self-service channels, which include Internet banking, mobile banking and voice banking.