Cingular, why the need for this?
Published March 27th, 2007 3:32 PM EDT By Daniel GoldmanCingular – soon to be AT&T – will offer a special application download to their customers that will allow them to access their bank accounts and pay bills via the mobile phone. Among the big banks that are going with this are Wachovia, Bancorp South, Regions Financial, and SunTrust.
I don’t understand the need to download a specialized banking application for the phone. What happened with the plain old web? This application is duplicating what’s already on the web in the form of webpages.
What’s next? Should clothing retailers, such as GAP and Banana Republic, make mobile applications too?
Should we expect mobile users to download all these applications, when they’re all available just a click away with a mobile browser?
Someone go tell Cingular/AT&T about Opera Mini, the tiny free mobile browser (with SSL support).
If you enjoyed this post, then make sure you subscribe to my RSS Feed.
using
Opera is good - but not everything can be managed with a web browser.
In the online banking sector, stand-alone banking applications were much earlier available than web interfaces. And they still have advantages: You can keep track of your accounts for a longer period than your bank makes the data available online. You can prepare several transactions and perform them bundled - as long as mobile flat-rates aren’t common, this might be a nice feature for many people.
I don’t know about Cingular’s application, but I see that there might be some reason to use it.
using
And it’s all going through one single proxy, owned by a private company and there isn’t any way to change that. Sounds like a very secure setup, why don’t we set up that proxy for all our desktop PCs as well.
using
Perhaps they feel that people will want an application that doesn’t integrate with Yahoo?
Sorry… Can you tell I hate Yahoo?
using
I’m not sure about banking through Opera Mini, let alone through little individual app.
However I do bank through Opera Mobile every one in awhile, never had issues with it since, going on three months now.
using
Genjinaro, banking should work just fine with Opera Mini, since it support SSL.
using
Well, I’m all in favor of a universally accessible web- one page to rule them all. I’m not in favor .mobi, or mobile coding for pages.
That said- there’s nothing *wrong* with optimizing for the mobile environment, provided the other conditions above are still met. I’d like to be able to get into any web account I have now with my mobile- hence my thoughts in the first paragraph. But there are a handful of applicaitons which, if given the choice, I would optimize for mobile experiences.
Example- banking: I’ve noticed the most frequent mobile banking function I perform is transferring funds from one account to another (apart from checking the balance, but that’s available as soon as you log in) I don’t necessarily do that most often on my desktop, it’s just one of many tasks I do.
…so if I had a RIA or… I don’t know… a WIDGET of some sort that allowed me to quickly check my balance and make a transfer, I would much prefer that to loading the browser and navigating through my banks web page.
But again, that doesn’t mean I don’t want my banks web page to be usable/available through Opera Mini- just that I’d choose to optimize my user experience.
I can imagine only a handful of widgets or apps, off the top of my head:
Banking
Netflix
I’d download and install an app that was tailored to “on the go tasks.”
this is of course assuming that the RIA developer takes the time to do usability studies of some sort on the type of tasks that lend themselves to the mobile experience and optimize for them.
using
I am REALLY glad that, as a desktop user, I don’t have to download a million pieces of software (and manage a million pieces of software, making sure they’re all up to date) in order to access online stores.
Wow this is sad. I’d also wonder about the privacy of those applications, whether the bank info is at all secure. I can trust Opera, but I can’t trust my cell phone carrier (which charges me way more than it should) to not “slip a tip into its pocket”. Sigh. How sad.
using
[irony] well, the next windows is allready in development, so we can expect that feature soon [/irony]
using
“Sir, your house is safe, there’s a lock on the frontdoor.”
SSL is no magic word that suddenly makes everything completely safe.
using
I agree with the anonymous comment above - while I love Opera Mini for general browsing I’m always wary of pushing passwords and supposedly secure communications through a proxy that looks at the data coming through, especially as it’s a proxy run by a single commercial company.
using
Proximus - a Belgian telecom operator - has recently introduced such a service. But here you are forced to get a new SIM card with an application to use the service. Thats even worse than needing to download an app.
But the service is mainly for merchants, less for customers.
It would be nice to have this service usable with Opera mini, but I’m afraid the mobile web isn’t mature enough and still unknown.
using
Exactly, as much as i love Opera in all flavours, banking sites should not be used with Opera Mini, as all data goes through an opera proxy server and opera holds no liabilty over this data (as you agree to in the usage agreement).
Opera Mobile is another story, as all requests go directly from and to the device.
using
Remco, the point that has been made often against online banking is the lack of support for SSL, Opera Mini doesn’t have that issue. Though that’s not to say that there aren’t any other security aspects of online banking.
using
Robin, if you’re worried about your passwords being pushed though a proxy, then why does it matter if it’s being pushed though a single company or multiple? Do you trust Cingular’s applications with your passwords?
using
Dane, no matter which browser you use, all your data still has to go through your Internet provider, they see everything (unless it’s encrypted).
using
Daniel, my problem is not with the internet service provider. HTTPS (using SSL) provides exactly the encryption you are referring to, so no man-in-the-middle attacks are possible between two peers communicating using HTTPS.
In a standalone banking application, the two peers are the device with the J2ME application using HTTPS and the bank server.
But with opera mini, there is Opera’s processing proxy inbetween the two points. And because the proxy processes the data for the client, this can only be done if the proxy can “understand” the data, so it is actually decrypting the data on receiveing and encyrptys it again when sending the request to the target server, and the same goes for the response.
So on Opera Mini’s proxy server, by design, all data must at one point be processed in plain text, which is a security risk for sensitive data like banking information.
And while a have no doubt that Opera Software takes the utmost care in securing this data, this does not exclude the possibility of a hacker attack that would retreive this data. So for banking applications, i feel that this is an unneccessary risk involving a third party (Opera software). Also, in the user agreement that you have to accept before using Opera Mini, it states exactly this and what i think is a standard disclaimer, so Opera probably can’t be held accountable if such user data would get compromised.
using
Of course SSL is not a magic word. SSL is an acronym that stands for Secure Sockets Layer. It is a form of encryption that ensures that other people are not eavesdropping on your HTTP traffic. This allows for things like user names, passwords, credit card numbers, etc. to be passed back and forth between your browser and a web server without fear of them being intercepted.
SSL is not easy to crack, therefore when you log into online services, or perform online transactions, the chances that someone could crack the SSL encryption and inspect the contents of the stream are close to non. Obviously it’s possible, but most SSL keys are long enough that it would take years to crack, and the average SSL encrypted stream will only last for a matter of seconds.
The way that people normally get ahold of your personal information, credit card numbers, login information, etc. is through a type of spyware known as a key logger (more info). While it is virtually impossible to crack an SSL encrypted stream, it is very easy to log keystrokes. It’s also far easier to get a key logger onto a user’s computer than it is to find an SSL encrypted stream in that wonderful mess of TCP/IP traffic that we call the Internet.
So, on a mobile platform that isn’t targeted by virus/spyware writers, you would be more than safe with a 128-bit SSL key.
using
“… why the need for this…”
Faster, cheaper (and more secure)… ???
Faster and cheaper, as Application is tailored for mobile phone access. Only relevant info / links are shown (not the whole bank site). Less data to download.
For Opera Mini /Mobile to do the same, they would need an advanced *content blocker*… or rather *content designer*… to be able to only check balance and pay bills… (Maybe a widget could do the trick ?)
That said, the Application could also have been in the form of a Web page… but a download brings the bank *closer* to the customer, I guess