The Bankwatch

Tracking the consumer evolution of financial services

Clairmail and Telus partner to bring mobile banking to Canada

Telus and Clairmail announce today a strategic partnership. we first wrote up ClairMail, here last May.

                 

I like their service, and it makes sense as a capability for Banks, to support customer loyalty.  

Online banking customers are more and more dis-associated with their own Bank unless cross channel activities are brought to bear, and this is an excellent example. It can be as simple as an account alert, notifying a customer that a debit of over $xxx was processed in their account using Interac Debit, 1 minute ago. But the potential is as limitless as the imagination, including out of band multi factor authentication for online banking, or mobile payments.

It also makes sense to partner with a Canadian telco, who is familiar with the Canadian environment, and in the case of Telus, who have experience working with Canadian FI’s online systems.

Novato, Calif.– April 2, 2007 – ClairMail, Inc., the leader in 2-way mobile phone-based customer interaction, today announced a strategic partnership with TELUS, a leading Canadian national telecommunications company offering advanced capabilities in systems integration and implementation, to bring the ClairMail solution to Canada.

Source: Clairmail & Telus

Written by Colin Henderson

April 2, 2007 at 07:03

14 Responses

Subscribe to comments with RSS.

  1. Interesting.
    The credit union I work for, Mt. Lehman Credit Union, has a product called MemberNote. It alerts any use of a members card (ATM or POS) via text message and/or email. On April 15th this service will be 2 years old. We have learnt a lot about what people want with this type of service in the last few years. Our next version to be released by the end of June will have some very unique features. Because ours is built around our banking system there is no need for a 3rd party solution so security isn’t an issue. Another interesting point – we will alert you if your card is used to look at your account balance. Somewhat of a difference because most skimmers will look for a balance first. I am assuming 3rd party solutions will only notify on transactions. This may pose problems with the continual lookups on accounts via an internet banking source. The servers will be pounded.
    We have seen a very positive acceptance by members for this product. It will be interesting to see how this service evolves.

    Gene

    April 2, 2007 at 12:36

  2. […] 2nd, 2007 by tinfoiling There is a post at The Bankwatch about a product that will alert a bank customer of transaction activity with their bank card. […]

  3. Gene … I have been keeping track of CU innovation, and this is a great example, particularly as you built it yourselves. Thanks.

    Colin

    April 2, 2007 at 16:10

  4. Gene and Colin, did I understand this correctly? Are these 3rd party “solutions” just web apps that automatically log into the banks users account to monitor transactions? The bank customer has to enter their account info into this tool to get notifications? This is of interest since it seems to create, yet another, avenue for a phishing attack (and I’m trying to solve that problem).

    Randy

    April 2, 2007 at 21:53

  5. As I understand it from chatting to Clairmail people (can’t speak for Mt Lehman) they install a server that responds to the SMS calls. I cannot speak to the security involved in that transaction, but I am sure interested if someone from Clairmail cares to comment.

    Colin

    April 2, 2007 at 22:39

  6. Gene, can you point us to a web page or something that has more detail on your interesting case study, many thanks.

    Dave Birch

    April 3, 2007 at 07:39

  7. Randy – what we saw of My-Spy was a PC .exe file that you input the information and it ran collecting the information from your internet bank site.

    Dave – If you go to http://www.mtlehman.com on the right hand side is a logo MemberNote and a link. Click on the link and a PDF file will download. It has the particulars as to the product. If that isn’t what you want let me know.

    Gene

    April 3, 2007 at 19:28

  8. Thanks Gene … any insight you are able to provide for readers as to the technology tools used?

    Colin

    April 3, 2007 at 21:05

  9. Gene,

    I’ve tried commenting on your blog about this topic (or more specifically, technology and banking) but I can’t create an account there. I have some questions and you are the right person to be asking. Would you mind contacting me (my info is on my site). Thanks.

    To everyone else, sorry for the thread hijack.

    Randy

    April 4, 2007 at 11:14

  10. Randy, unlike the recent solutions announced by AT&T and Verizon, ClairMail is not a downloadable application — our solution uses the existing messaging software (e.g. SMS) already on every mobile phone, so there’s no new mobile phone software required. The ClairMail server resides on-premise behind the bank’s firewall, and integrates with the bank’s systems of record. The initial setup of your mobile banking service goes through the server to connect your phone’s identity to your bank account. No private account information is ever transmitted, nor is any confidential information ever stored, on your mobile device.

    The ClairMail solution mitigates phishing by sending an out-of-band, actionable alert to your mobile phone so you can verify/approve the transaction. If a transaction occurs that you don’t recognize (e.g. a phishing attack), you immediately become aware of it and can simply disallow/not approve the transaction.

    All of these security measures together mitigate threats from phishing, vishing, man-in-the-middle and other fraud/identity theft attacks.

    David Thompson
    VP of Marketing, ClairMail

    David Thompson

    April 4, 2007 at 15:26

  11. David … great to have you join this conversation! Can you comment on how your solution prevents bad guys from sending fake SMS messages to gain access to data? Many thanks.

    Colin

    April 4, 2007 at 15:31

  12. Every phone must be registered and verified in order to have a valid account and utilize the ClairMail system for mobile banking.

    This means that anyone attempting to spoof a customer phone for malicious purposes would find that all communications would return to
    the real customer’s phone via the trusted path. Upon receiving alerts from their banking institution, the real customer will then have the
    ability to take appropriate action, including disallowing the transaction or contacting their bank for follow up.

    David Thompson
    VP of Marketing, ClairMail

    David Thompson

    April 13, 2007 at 18:39

  13. Thx David.

    Colin

    April 13, 2007 at 22:17

  14. […] For additional discussion on the solution, and the strong security aspects, refer this earlier post. […]


Comments are closed.

%d bloggers like this: