This morning I needed to make a payment on a website.
Not the most ambitious task for a Monday morning I’ll agree, but it does serve as the jumping off point for the journey through hell I’ve gone through today.
Back to the payment. As an FNB customer I opened my FNB app and stuck my thumb to the display for it to grant me access so that I could approve the payment.
“YOUR REQUEST CANNOT BE PROCESSED”, the app shouted at me. Strange, it was working on Sunday evening.
“YOUR REQUEST CANNOT BE PROCESSED”, it shouted again. “System currently unavailable. Please try again later. For assistance, please contact 087 575 0362,” read a message on my display.
For the briefest of moments I thought I could simply use the FNB website to make the payment before I realised that without access to the FNB app, I’m pretty much dead in the water.
This is because last year FNB made the decision to switch from One Time Pins being sent via SMS to a customer, to asking customers to approve a transaction from their banking app. FNB calls this solution, Smart inContact.
“Instead of receiving your OTP via SMS, Smart inContact uses interactive messaging via the Banking App, so that you can approve these transactions securely,” reads a description of the feature.
In order to interact with this request for approval one has to log into their app and this is where my problem comes in.
Without Smart inContact the only way I can make a payment online or approve a payment being made online is to go back to 1999.
According to a representative at the FNB contact centre, if I want to make a payment today while my app is unavailable I need to do the following:
- Call FNB General Inquiries
- Select Telephone banking and select the option to speak with a representative
- The representative will then take down the details and make the payment on my behalf
Sure, FNB has won App of the Year for its banking app and it will tell you that while you wait on hold endlessly for a representative, but when that app fails, FNB becomes nigh on unusable.
This does, however, highlight a problem with Smart inContact – it doesn’t work in isolation. Of course neither do OTPs, but at least a few months ago I could use either the app or the OTP to approve a purchase. Today, however, as I grow increasingly anxious about a late payment I don’t have that basic feature to approve a purchase.
Worse still, FNB tells me that the matter will be addressed in 24 – 48 hours. Two days without access to FNB’s app which it has pushed to become the primary touch point for its customers.
This is terrible because that touch point appears to be designed to cause as much friction as possible when it isn’t operating in ideal situations.
Hell, even Smart inContact doesn’t work all the time so I’ve had situations where I’ve tried to make a payment and the prompt just never appears despite being connected to the internet.
FNB should reconsider using the OTP as an approval mechanism. While I understand that this authentication method is vulnerable to fraud, there are many attack surfaces a cybercriminal could use to get their hands on that information.
Creating a single point of failure causes frustration and friction that does nothing but push customers away.
OTP SMS is not sexy, but at least it’s not relying solely on FNB’s code for it to work.
What FNB needs to do then is allow its customers to use multi-factor authentication and this should include factors that don’t become unavailable when FNB has an issue. I’ll even use Authy if you want me to FNB, just please give us more options when it comes to authentication.
Now if you’ll excuse me I need to make a 20 minute phone call to make a payment.