Tag Archives: applepay

How Basis for Buying Decisions Is Changing

Building a business around speed and convenience is nothing new. Fast food drive-thrus, cell phones and FedEx overnight delivery services were just some of the predecessors to today’s Ubers, apps and same-day Amazon orders. But in most of these cases, purchase decisions were based upon simple factors — “I’m hungry,” or “We need delivery of a legal document,” or “Of course it would be nice to be able to make a call from my car.”

There were other services for which people understood that immediacy wasn’t an option. Many financial decisions took time. If you wanted to earn a little extra interest by using a certificate of deposit instead of savings, you would have to wait months or years for maturity. Securing life insurance was a multi-week (sometimes multi-month) underwriting process. Applying for a home loan with multiple credit and background checks took time. For the most part, people accepted these elongated processes and delays with resigned and good-natured patience. This was life. Important decisions required time, not only in the preparation, but also in the education and execution. Two hours with a life insurance agent would allow you to learn about all of the products available and understand their complexity, and it would help the agent to fit products to your needs. You valued the time spent learning, understanding and choosing based on the trusted relationship with your agent.

The convergence of generational shifts and technological advancement created a new mindset that rewrote expectations and priorities for many. Patience is no longer always considered a virtue. Insurance relationships are no longer always valued. Time-crunched people seek time-saving services. Value is seen in immediacy, uniqueness and ease.

See also: Innovation: a Need for ‘Patient Urgency’  

Enter the new generation of insurance companies redefining the insurance engagement. Lemonade, TROV, Slice, Haven Life and others who are redefining speed and value to a new generation of buyers … are placing traditional, existing insurers on notice.  From purchasing a policy in less than 10 minutes to paying a claim in less than three seconds … speed and simplicity are the new competitive levers.

Out of necessity, this has changed an insurer’s view of competition. Insurers used to know their competitors. They understood their distinctive value propositions. They debated on what were the real product differentiators. Insurers understood the reach of their agents, their geographic limitations and the customer and agent loyalty they could count on because of their excellent service.

While all of these factors still guide insurance operations, the competitive landscape has shifted to different factors critical to acquiring and retaining customers. Insurers are feebly groping for just a tiny bit of space in consumer minds —enough to plant the seed of need and just a little more to water the plant into engagement and completing a transaction — because today’s consumer isn’t going to listen well enough to grasp distinctive details. He or she is looking for an easy and quick fit.

A 2015 study of Canadian consumers estimated that the average attention span had dropped to 8 seconds from 12 seconds in 2000, driven at least in part by consumers’ constant connections through digital devices.

Need. Purchase. Done. Happy.

A 2012 Pew survey of technology experts predicted what is now coming true, “the impact of networked living on today’s young will drive them to thirst for instant gratification, settle for quick choices and lack patience….trends are leading to a future in which most people are shallow consumers of information.”

Only five years later, insurers are feeling the impact.

A key reason many of the new, innovative companies are appealing to consumers and small and medium-sized businesses (SMBs) is because they simplify and remove some of the cognitive effort required to make decisions about insurance. In his book, Thinking, Fast and Slow, the Nobel Prize-winning behavioral economist Daniel Kahneman described human decision making and thinking as a two-part system. Greatly simplified, System 1 thinking produces quick (i.e. instantaneous and sub-conscious) reflexive, automatic decisions based on instinct and past experiences. These are “gut” reactions. System 2 thinking is slow, deliberate, reason-based and requires cognitive effort.

In general, most of the decisions we make each day are through System 1, which can be both good and bad; good because it increases the speed and efficiency of decision making, and because in most instances the outcomes are acceptable. However, not all outcomes are good, and many could have been improved had System 2 thinking been engaged. The problem with System 2 is that it takes effort, and humans naturally try to minimize effort.

See also: Insurtech: Unstoppable Momentum  

So, a traditionally complex industry is intersecting with a cognitive culture that is mentally trying to simplify, reduce effort and be more intuitive. This has consequences for decisions throughout the customer’s journey with an insurance company. Good decisions about complex issues like insurance should be based on System 2 thinking. However, during the research and buying processes, the cognitive effort to do so can lead many people to choose other paths like seeking shortcuts to in-depth research and analysis or delaying a decision altogether.

In a recent report, Future Trends 2017: The Shift Gains Momentum, Majesco examined how impatience is driving a shift in behavior that is causing insurers to look at the anatomy of decisions. What behaviors are relevant to purchase? To renewals? To service? How can insurers still provide risk protection to individuals who won’t take the time to learn about complex products? We’ve drawn some of these insights out of the report for consideration here.

For one thing, insurers clearly recognize that the trends affecting them are far broader and bigger than the insurance industry. Businesses and startups across all industries are capitalizing on the lucrative opportunity afforded by meeting the ever-increasing demands for speed and simplicity made possible by technology and re-imagined business processes. Amazon Prime, Netflix, Spotify, Uber/Lyft, ApplePay/Samsung Pay, Rocket Mortgage (Quicken Loans), Twitter, Instagram and other technology-based businesses represent contemporary offerings that have simplified the customer journey.

Retailers such as Walmart, Best Buy, Staples, Amazon and even eBay are testing same-day delivery for items ordered online. Simplifying a customer’s entire journey with a company by making it “easy to do business with” is more critical than ever for insurers.

What is the good news in the world of impatience? Insurers are quickly finding ways to counter the disparity between the need for speed and the need for good decisions. They are also using a bit of psychology to positively influence decisions, and they are buying back some brain space with techniques that both inform and engage.

In Part 2 of this series, we will look at these techniques as well as product adaptation, framework preparation and planning for transformation that will meet the demand for quick decisions. For more in-depth information on behavioral insurance impact, download the Future Trends 2017 report today.

Pros and Cons of ApplePay Security

ApplePay, the mobile payments service introduced by Apple in October 2014, could ultimately set the security and privacy benchmarks for digital wallets much higher.

Even so, the hunt for security holes and privacy gaps in Apple’s new digital wallet has commenced. It won’t take long for both white hat researchers and well-funded criminal hackers to uncover weaknesses that neither Apple nor its banking industry partners thought of.

Here’s ThirdCertainty’s breakdown of the security and privacy issues stirred by Apple’s bold move into the digital wallet business.

ApplePay defined

Available on the iPhone 6 and Apple Watch, ApplePay stores account numbers on a dedicated chip. Apple refers to this chip as the “secure element” only available n the iPhone 6 and iPhone 6 plus. It is on this chip that your financial information is stored. It is only accessed when a random 16-digit number gets generated for a given transaction, and the number never makes it to the phone’s software, where hackers could reach it.

The devices then use near field communication (NFC) to send a simple token, instead of the full account number, to the merchant’s NFC-enabled point-of-sale register.

“This allows an ultra secure payment,” says Anthony Antolino, business development officer at Eyelock, a biometrics technology vendor. “The only remaining concern is keeping the smart phone under your control.”

Apple tightens down who can control each device by integrating itsTouch ID fingerprint scanner and its Passbook ticket-buying app into ApplePay. This new approach keeps personal information on the device – instead of moving account data into storage servers within easy reach of thieves. The hacks of big merchants in the U.S. and Europe, including Home Depot, Target, P.F. Chang’s and Neiman Marcus, show how adept data thieves have become at attacking stored data.

How ApplePay improves security

ApplePay validates a “data-centric security model,” argues Mark Bower, product management vice president at Voltage Security.

“The payments world needs to move on from vulnerable static credit card numbers and magnetic stripes to protected versions of data,” Bower says. “Tokenized payments reduce the risk of data breaches and credit card theft.”

Mathew Rowley, technical director at security consultancy NCC Group, observes that the U.S. payment card industry continues to require minimal security checks in authorizing credit and debit card purchases.

“Things like chip-and-PIN and two-factor credit cards have been implemented in other countries, but the U.S. seems to be behind the curve,” Rowley says. “Any additional logic built into the process of making payments will make it more secure.”

How ApplePay introduces new risks

Adding a mobile wallet function to the latest iPhone gives criminal hackers more incentive and opportunity to find fresh vulnerabilities, says Mike Park, managing consultant at Trustwave.

“Any new additions and functionality to a platform, even ones meant to enhance security, can expand the attack surface,” Park says. “With the introduction of this type of functionality into a platform, this makes every device a possible target.”

The more popular ApplePay becomes, the more likely cybercriminals will devote resources to cracking in. Research from legit sources already is available showing how to hack into NFC systems — for instance this 2012 report from Accuvant reseacher Charlie Miller.

It’s probable that elite criminal hackers “are looking to steal identities and mass harvest payment card information as they do in other platforms and verticals now,” Park says.

One simple crime would be to target Apple devices for physical theft. Another is to figure out how to remotely access and manipulate ApplePay accounts. “The weakest link is the consumer,” says Alisdair Faulkner, chief products officer at ThreatMetrix. “And ultimately a web page with a username and login, like iCloud, now has an unprecedented amount of information about you backed up into the cloud.”

Pushing payments to mobile devices makes Internet cloud services more complex – and complexity creates vulnerabilities.

“In the past, the only participants were the merchant, the merchant’s bank and your personal bank,” says Richard Moulds, vice president of product strategy at Thales e-Security. “Apple is stating that they will not know the details of individual transactions, which is very important; however, there is clearly the risk of attacks on the phone itself.”

Solution for Biggest Cyber Risk Is Emerging

As the demand for cyber insurance has skyrocketed, so, too, has the cost. One broker estimates that sales in 2014 will double from the $1 billion premium collected in 2013. Much of the increase in demand and cost has been a result of the widely publicized hacks of the point-of-sale systems at large retailers, and the primary emphasis of most cyber policies is to address liability arising from such events.

New payment technologies, however, will change the need for this type of cyber insurance. American Express recently announced a token service; Apple incorporated ApplePay into its new iPhones; and a group of retailers, the Merchant Customer Exchange, is working on the release of a new payment technology, as well. These technologies, although different in detail, eliminate the need for merchants to collect unencrypted payment card information from customers, significantly reducing the risk created by point-of-sale malware.

These technologies work by generating tokens or cryptograms for use at the point of sale. Financial institutions are able to determine whether the tokens or cryptograms are associated with a customer’s account, even though it is virtually impossible for a third party possessing the token or cryptogram alone to identify the account. The specifics of the technologies vary, but the result is that the merchant does not need access to the customer’s unencrypted account information, and any data obtained through the point-of-sale malware becomes virtually worthless.

As these payment technologies become prevalent in the U.S., the need for cyber insurance protecting retailers against point-of-sale malware should plunge.

There still will be a need for coverages protecting against other cyber risks, including other forms of malware and security breaches as well as against business interruptions arising from cyber events. However, the need and demand for cyber insurance covering privacy breaches should be reduced and the pressure on much of the current cyber insurance market removed.

This article first appeared on the Privacy and Information Security Law Blog.