Movenbank bids to allay Facebook login concerns

Movenbank bids to allay Facebook login concerns

Responding to user concerns, start-up Movenbank has moved to allay privacy and security fears over its use of Facebook for registration and log-in to the site.

Movenbank, which is pitching itself as a mobile-centric, cardless and branchless bank, opened up an 'alpha site' last month to trialists ahead of a commercial launch in the second half of next year.

However, the start-ups decision to require 'Alpha Team members' to use Facebook to register and log in has raised concerns. A reader commenting on a Finextra story made clear the issue is a deal breaker, writing "bye, I'm outta here," citing the importance of privacy and trust in banking and claiming "Facebook is the diametric opposite".

Movenbank founder Brett King responded to the concerns on Finextra and the firm has now used its blog to provide a fuller explanation, admitting that "several" people have raised the issue.

The blog post insists that more traditional authentication channels, "including a private, Movenbank-specific user identity" will be added once banking products are introduced.

Meanwhile, the company is collecting and using information on members' Facebook profile "Info" screens that are marked as public, including first and last name, current location, and profile picture, to customise the Movenbank dashboard and help identify 'financial personalities'.

It is also looking at users' lists of friends, identifying which of them are also Movenbank Alpha Team members and then sharing 'personality' information - as long as both parties agree.

Movenbank insists it will not share users' data with third parties, publish content to their walls or spam them or their friends and that it has its own Web site with its own data storage facilities that are completely segregated from Facebook.

Finextra verdict

Movenbank is wise to tread carefully. Facebook is not renowned for its privacy controls, and the Orwellian aspect of the social network makes many of its users uncomfortable. The idea that any bank - even an innovative bank 2.0 startup - might be prepared to piggy-back onto that public repository of user data and use it to build profiles of its customers could prove a big turn-off.


Comments: (3)

A Finextra member
A Finextra member 29 November, 2011, 18:06Be the first to give this comment the thumbs up 0 likes Dear Mr. King The emergence of bank grade electronic identity and document signing services and their tremendous success (in terms of uptake and real transactions) in the Nordics can be very relevant for a future oriented bank as Movenbank. I have summarised key experiences in the deployment of large scale trust infrastructures in my blog on eSecurity services.
Brett King
Brett King - Moven - New York 30 November, 2011, 12:18Be the first to give this comment the thumbs up 0 likes

I hear a lot of mentions about privacy or IDV concerns when Facebook comes up in the banking circles. But are banks so niave as to think that their customers will actually stop using Facebook and social media if their bank asks them to? Should we be warning customers of the 'risks' of social media and privacy/identity?

The fact is that the current identity platforms we use are exposed in social media, not because social media is bad/evil, but because current IDV/KYC constructs are simply weak today. The only long-term solution to the 'friction' between social media and privacy/identity concerns is better identity.

Facebook is not the problem - Identity is the problem. 

A Finextra member
A Finextra member 30 November, 2011, 20:43Be the first to give this comment the thumbs up 0 likes In long-term the banking domains will probably start accepting low assurance identities (typically used in social media) and very likely for relatively low value/ risk informational services (provided the KYC can make room for this). The need for trustworthy iidentities/ credentials will remain core to high value/ risk applications as banking, payments, selected eGov (e.g., healthcare) services, defence etc. My worry is that we may end up having many high assurance identity credentials - which seems unnecessary and very costly solution to society/ industry.