28 July 2014

Sarah Appleby

Sarah Appleby - Striata- Financial Services Technology

7 | posts 19,583 | views 9 | comments

HTML5 Cannot Deliver

20 January 2014  |  2278 views  |  3

As I come across more and more questions about the use of HTML5 for interactive and dynamic email statements, it strikes me that this strategy has either been poorly delivered or highly misunderstood. I suspect it’s a combination of both. 

Can HTML 5 drive paper suppression? 

The reason I field questions regarding HTML5 is that businesses approaching me want to reduce paper, postage and other operational costs. Or at least that's the real business value proposition after technophiles stop being blinded by the puppy love of something fresh and new. 

One must never forget that the purpose behind ALL technology is to garner a rapid return on investment and to add value to the core business. With all of the frenzy over mobile apps and the like, I think this concept has been lost at times. So, HTML5 should be trying to convert people to paperless… right? It’s the number one value of the electronic statement that I’ve been able to determine thus far.

It’s still a question of PUSH vs PULL.

Unfortunately, HTML5 is perfect for one purpose: to be displayed on a webpage or browser. Somewhere along the road, it was assumed that it could be used with PUSH, or Dynamic Email Statements, when in fact it just CANNOT DELIVER as an HTML attachment. 

HTML5 in secure form is a PULL solution, as it would be plagued with delivery problems preventing companies from PUSHing their statements. With 17% of legitimate email not making it to the inbox already, HTML5 as an attachment stands no chance of being an email solution as it would be blocked by most SPAM filters and rightfully so. Unlike PDF, which is a ubiquitously accepted attachment, it just wouldn’t consistently reach the customer’s inbox..

McAfee’s 2013 Threats Predications stated that ‘With HTML5 the threats landscape will shift and broaden… HTML5 will offer other opportunities for attackers because the additional functionality will create a larger attack surface.’So, if HTML5 is only viable in a highly secure PULL environment, what paperless turnoff rate will it deliver? Will more people turn off paper statements just because their statement now displays more beautifully within the portal? 

As a consumer, it’s still about convenience for me. So when I say HTML5 cannot deliver, it’s two-fold: HTML5 attachments cannot be delivered to the email inbox and I highly doubt they can deliver a quick ROI in today’s landscape. On the whole, consumers still do not want to log on to portals with multiple usernames and passwords just to see their statements. And, let’s face it. Getting beyond the password as a security mechanism isn’t cheap and still lies very much in the pipeline rather than being commercially viable today.

Sounds like the HTML5 Statement has a lot more work ahead if it's going to enter the paper turn-off game.

Dynamic HTML5 Statement vs the Dynamic Email Statement

Let’s not confuse the purpose of the Dynamic HTML5 Statement and the Dynamic Email Statement.

Email Statements delivered via PDF has been around for 14 years and they continue to deliver quick ROIs by way of converting millions of customers to paperless every day. As for HTML5, I agree that prettier and more interactive eStatements will add aesthetic value, but I just don’t see where it is looking to enter the email market? 

We don’t need to reinvent the wheel. Secure Delivery mechanisms (PDF and Striata Reader) remain the most reliable mechanism to propel customers into the digital world. 

Your thoughts?

 

TagsMobile & onlineInnovation

Comments: (4)

A Finextra member | 21 January, 2014, 06:48

Reads slightly like a strawman argument concluded with a sales pitch. Maybe PDFs are less prone to be trapped as spam but Striata attachments have a proprietary file extension (.emc) that seems more likely to trip filters. And they are encrypted with proprietary algorithms - hardly flavour of the month.

Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune | 22 January, 2014, 16:36

Emails from the same email address are delivered in the inbox on one occasion and in the spam folder on another. I haven't come across any mainstream technology that is as temperamental as spam filter. Added to that are the vagaries and vissicitudes introduced in the process by tightening or loosening of spam threshold levels by the ISP, ESP and who knows how many other entities involved in email delivery. Maybe it's only me but, against that backdrop, I find it impossible to believe that any solution is better than another on the sole basis of a self-proclaimed ability to escape spam filters. There's got to be a better story than that. Oh I forgot, maybe it won't get past the 'Finextra Community Rules' filter forbidding blatant self-promotion.

Sarah Appleby - Striata- Financial Services Technology - Rochester | 23 January, 2014, 09:57

Hi 'Finextra Member'- Thanks for your comment! While what you posit about .emc seems a logical conclusion, it actually isn't so. Spam filters are specifically looking for common known extensions such as .html, .exe, etc. that are known to cause problems. My company sends BOTH PDF and .emc in the billions and have never had an trouble with spam filters. The reason .emc and PDF aren't as susceptible to these filters is that the encryption on both lend to increased security and protection for the end user. HTML on its own is not a secure attachment, which in spite of my opinions, is an absolute truth. This is not to say that HTML cannot be wrapped in securely... but that's another blog that remains to be written. On it's own, HTML as an attachment without a shadow of a doubt puts the end user at risk of inheriting malware, which ISPs will specifically be looking to block as a service to their users. So that begs the question which I am trying to raise and still haven't really heard an answer: what is the commercial proposition behind HTML5?

A Finextra member | 27 January, 2014, 13:41

You're very fortunate to have never had a problem given that PDFs are one of the most common attack vectors for hackers. My bank will have to regretfully decline the sales pitch though as our security standards preclude the use of proprietary encryption for obvious reasons

Comment on this story (membership required)
Log in to receive notifications when someone posts a comment

Latest posts from Sarah

HTML5 Cannot Deliver

20 January 2014  |  2278 views  |  3  |  Recommends 0 TagsMobile & onlineInnovation

PHISHING is Killing Your Portal

06 August 2013  |  2634 views  |  0  |  Recommends 0 TagsMobile & onlineInnovation

Ensure your paperless gateway isn't locked

13 June 2013  |  1805 views  |  0  |  Recommends 0 TagsSecurityRisk & regulation

5 Essential Steps to a Winning eBill Strategy

08 May 2013  |  2545 views  |  2  |  Recommends 1

Leveraging Big Data? Don't Get Caught in a Trap

18 January 2013  |  3908 views  |  0  |  Recommends 0
name

Sarah Appleby

job title

Business Development

company name

Striata- Financial Services Technology

member since

2012

location

Rochester

Summary profile See full profile »
I am charged with Business Development in the financial services sector for a company that is THE...

Sarah's expertise

What Sarah reads
Sarah writes about

Who is commenting on Sarah's posts

Chris Thorpe
Ketharaman Swaminathan
Denis Wicking
vikram sareen