Blog article
See all stories »

How Banks Can Differentiate By Going The Extra Mile - Part 1

Credit card holders in India might have noticed of late that they’re receiving SMS alerts on their mobile phones each time they use their cards. I’m not sure if this is a bank/card-specific initiative or the outcome of some new government regulation applicable across the industry, but I’ve been receiving these notifications from the issuers of both my Visa credit cards since the middle of June.

At the outset, let me thank both banks for this new ‘product’.

Since these alerts occur in realtime, I imagine they’re meant to help cardholders to detect fraudulent transactions rather than serve as a budgeting / expense tracking tool. I can’t be sure of their true purpose since I haven't received any communication from these two banks when they launched this product.

As I’d pointed out in my personal blog previously, a little extra effort by banks to reach out to their customers can go a long way in fostering customer retention and customer delight. However, I won’t complain if these banks have chosen to stay silent about their new product either because they're humble or because they wish to fly under the radar of one CNSC. This Miami, FL-based company sued Visa for launching a few pilots of something similar in the USA last year, claiming that it infringed upon its patent on the underlying technology. (I don’t know how something like SMS alert can qualify for a patent, but I’ll let that one pass for now).

Assuming my guess is right, let’s see how these SMS alerts help cardholders detect fraud in realtime.

First, let’s look at a couple of recent alerts I received from BANK1, a large multinational bank that has been active in India for several decades.

Alert1: Thank you for using your credit card for INR 2370.00 on 21-Jul-2011.

Alert2: Thank you for using your credit card for INR 320.38 on 24-Jul-2011.

Since I’d handed over my credit card at a store for a purchase of INR 2370.00 on 21-Jul-2011, I could be sure that the first transaction was genuine.

Now, when I received the second alert, the card was tucked away safely inside my wallet. I’d neither handed it over to anyone nor used it online. However, for all I knew, this could’ve been an alert for one of many genuine card not present transactions put through by a merchant on the back of a recurring mandate issued by me before. Such recurring transactions based on a one-time approval are very common among American and European merchants (e.g. Hostgator for website hosting, Skype for monthly calling plans) and have recently started entering India as well (e.g. Regus for office rentals). Since they don’t require case-by-case approval, such transactions don’t always ring a bell at the exact instant that I receive the alert. Exacerbating the ambiguity is the fact that, while the mandate amount would be a constant figure in US$ or some other foreign currency (say US$ 8 every month), the amount displayed on the SMS alert is in INR and varies from transaction to transaction depending upon the USD:INR prevalent on that day. If this alert notified one such transaction arising out of a pre-issued mandate, it didn’t signal a fraud.

On the other hand, the alert could equally well have been triggered by a card not present transaction initiated by a con artist who had stolen my credit card details or a fraudulent merchant to whom I have not issued a recurring mandate.

Point is, without the merchant’s name in the SMS alert, it’s difficult – well-nigh impossible for someone who has several recurring CNP transactions – to figure out the authenticity of a transaction.

Now, let’s look at the following alert from BANK2, which is a Top3 Indian private sector bank.

Alert1: Thanks for using your credit card for INR 1800.00 in PUNE at KUMARAUTO on 2011-07-20 21:05:53.

Alert2: Thanks for using your credit card for INR 465.00 in 123-456-7890 at HOSTGATOR.COM on 2011-07-14 03:10:33

As you can see, these alerts from BANK2 provide extra information compared to those from BANK1 viz. the merchant name and the time of transactions. Using these additional details, it’s much easier to differentiate between genuine and fraudulent transactions: Since I’ve never dealt with anyone called KUMARAUTO, I could conclude that the first transaction was fraudulent the moment I received the SMS alert. Whereas, since I’ve signed a mandate with HOSTGATOR for auto debit of monthly website hosting charges, the second transaction was genuine.

In Part-2 of this post, I’ll treat these SMS alerts as ‘products’ and see how well they work for the customer towards detecting and preventing fraudulent credit card transactions. Spoiler Alert: One bank’s product rocks, the other one’s product sucks, and the difference is in the details.

SMS Alerts From Two Banks

Comments: (4)

A Finextra member
A Finextra member 14 September, 2011, 13:32Be the first to give this comment the thumbs up 0 likes

I think that you may find on further investigation that the banks are not offering this service simply out of the goodness of their hearts... nor to make their customers feel safer.

Instead, many of the banks I know who offer this "free" service are doing so to try and reduce the write-offs they suffer from card fraud.


John Dring
John Dring - Intel Network Services - Swindon 14 September, 2011, 17:11Be the first to give this comment the thumbs up 0 likes

Whatever the reason for this service starting now, its ABOUT TIME.

Card transation alerts have been a sensible idea for years.  But it seems the cost and risk-assessment of adding it to the platforms was a concern and they were happier to take the hit.  There are so many ways to implement cost effective transaction generated SMS alerts, but mostly all involve interfacing with an external service (SMS Aggregator, or the MNO directly!) and that was presumably the hold-up.

Considering how many texts most of us now get on a daily basis, its a no-brainer to have a couple more, and consumerS can always opt-out if its a problem.  Ideally, the consumer should be able to specify a level of transaction they want to be alerted about too, like Bank Balance alerting.

But the real objective should eventually be to add transaction policy controls - letting the consumer decide what alerts they want and for what thresholds.  Better still, let the consumer decide if they even want their card/account/loyalty points to be used and to what level in each individual case.   The Bank can have some controls and visibility too - restricting transactions amounts for higher risk consumers, or merchants, in real time. The obvious candidate here is restricting the level of NFC payments compared to chip+pin ones.



Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 16 September, 2011, 07:47Be the first to give this comment the thumbs up 0 likes

@Finextra M & John D: Thank you for your comments.

@Finextra M: With vested interest egging them on, we can be sure that banks will go the distance to make this product work perfectly (like BANK2 in my example already seems to be doing)!

@John D: From your comments, it appears that SMS alerts have not become the norm even for checking account, let alone credit card, transactions. (I always thought only the latter was new). If so, it's definitely high time they did. Many banks in India, including the BANK2 cited in my post, have been providing SMS alerts for checking account transactions for over 4-5 years, including condition based ones that you've described. Most of these products, including the one from BANK2, are free-of-cost. I also remember one of my UK bank accounts launching such a product around 2-3 years ago, albeit for a nominal fee.          

A Finextra member
A Finextra member 16 September, 2011, 07:56Be the first to give this comment the thumbs up 0 likes

Thanks for feedback and additional comments.

To add to my earlier comment about banks having a vested interest... my own bank in Spain has offered this service for a number of years for card transactions.

Rather than swamping me with an excessive number of SMS messages, their system alerts me to transactions that are outside of my "normal" behaviour. For example transactions executed overseas... transactions outside of the normal amount threshhold, etc.

This works great for me, and is cost efficient for the bank also.

I agree that the same concepts could / should be applied to other products such as checking accounts, time deposits, or similar... with alerts for "new" transactions, amounts over a certain threshhold that are not regular transactions, balance warnings when the balance falls below a certain pre-defined amount, or maturity advices etc.

Now hiring