Despite the number of people banking online, financial institutions are still under pressure to offer Wi-Fi access at regional branches. Not only does this enhance the customer experience but in a market where mobile connectivity is not ubiquitous, it is also vital to the provisioning of banking solutions.
From coffee shops and gyms, to airports and motor dealerships, free public Wi-Fi is something many take for granted. In fact, those service-centric businesses that do not provide it are losing out to the competitors who do. So, why should banks be any different?
Beyond just branches
Thanks to the plethora of service offerings supplied by banking apps, customers have fewer reasons to visit their nearest branch. Yet, the high cost of mobile data sees many South Africans still needing to go into a bank for simple transactions such as checking statements, paying bills and making transfers. Having free, in-branch access to a Wi-Fi network is, therefore, high on the customer wish list.
But this wireless value proposition is not only focused to what branches can offer. The humble card machine used in shopping centres, flea markets and corner shops also require a connectivity solution.
The current reality is that most of these devices connect through 3G. Unfortunately, there is very little security provided on such an open internet connection. By using Wi-Fi, these machines can connect to a virtual private network direct to the bank for increased security.
From a branch perspective, banks need to consider two kinds of Wi-Fi networks – one for customers to use for internet banking and one for staff requiring access to the corporate network.
With the former, there is typically a splash page or portal providing Wi-Fi guest access. Once logged in, visitors will be able to perform internet banking transactions through their mobile browsers using SSL encryption. While this does not have to adhere to PCI (Protection of Credit Card Information) regulations, the challenge is how the user accesses the network.
If any personal details are required to access the Wi-Fi network, the bank needs to consider POPI (Protection of Personal Information). This is imperative if two identifying customer elements are required to register for the service.
Under POPI, all information must be stored securely in South Africa. The user must also have the option to opt out of the service. Therefore, the bank would need to provide a detailed terms & conditions document on the portal where the user is informed about what their information will be used for. There are also stringent requirements on how long the bank can keep this data, how it is stored and who has access to this information.
Most banks already have internal Wi-Fi deployed for their employees. And because sensitive information is kept on a separate network, this wireless access does not need to be PCI-compliant.
However, there could be exceptions. For example, the bank might provide wireless access on a separate virtual network to the corporate environment. This means traffic from the access point to the secure PCI network also needs to be encrypted.
Despite the necessity to ensure compliance with regulation, banks need to embrace Wi-Fi to provide customers the value-added services they have come to expect in the digital age. To not do so could see them losing out to those who do.