FNB introduced version 5 of their mobile app in November 2016, featuring “industry-leading solutions such as FNB Pay, Fingerprint ID, Secure Chat, Smart inContact, 1-touch Report Fraud, as well as the FNB Watch App.”.
Amongst the “improvements” was a replacement of SMS OTP for online transaction verification. One can imagine how the business case sold itself, a new fancy app feature and a reduction in costs for sending bulk SMS. The process works as follows:
- Sign in online for Online Banking
- Choose to Pay someone
- Fill in all the details
- Confirm details
- Wait for a notification on your registered smart device
- Click on the notification
- Sign in on the smart app
- Continue online
Steps 5 to 9 have to happen within 80 seconds. Sounds straight forward right? Except it isn’t. There are two major issues I keep stumbling into:
- Smartphone notifications are simply not reliable (in comparison to SMS at least), so they either don’t arrive or they don’t arrive within the 80 seconds
- If, like me, you keep changing phones, the phone needs to be verified (note, this is not the pairing process done when you 1st use the app).
- This is when it get’s more complicated: You need to login to Online banking to authorise the device, but if FNB decides that it doesn’t like your browser, IP address or other information, you will not be presented the option to authorise the device.
- There is no indication to you though that you’re banking with reduced functionality except for some arbitrary errors on some transactions (like transaction limit reached, when in fact you’re way below the limit) and missing items in menus.
Phoning in to the call centre doesn’t help. They try all sorts of things to get you onto a trusted Online Banking session, like not using incognito mode, trying different browsers etc. None of which works. Finally, they try to verify the PC/Browser/IP you’re using on the back-end, after a complicated over the phone verification process. In the end that fails too.
So you’re stuffed. Unless by some change you can still use your old device.
I’ve asked the call centre to relay this to the “tech team” on several occasions and nothing has changed.
The user experience has been killed in favour of cool tech and cost-cutting on SMS. It’s easily fixed though: bring back SMS OTP or at least make it a fall-back option. Blows the business case I’m sure, but revives the User Experience which should be the priority.