Mobile enterprise business errors (unintended) #2
A bank nearly gives away its private client customer list... to Apple
Published 10:49, 23 March 12
The first mobile enterprise business error (unintended) involved Banco Santander in Spain. The second comes from an executive of a company asked to help prevent what was about to happen. This involved a bank which realised, just in time, that what it wished to do with its proposed iOS app would give Apple unintended access to the bank's private client customer list.
This unidentified bank possesses a successful private client business. Wishing to stay relevant and attractive it decided to build a dedicated iOS app for its private client customers to access their banking facilities from use on iPhones and/or iPads. The concept was simple. The bank would:
- develop an app
- place this app on the iTunes App Store
- tell its private clients that it the app was available for their exclusive use
- then clients with iOS could go to the iTunes App Store to download the app, and thereafter use their iPhones or iPads to interact with the bank.
It proceeded to develop the app. Only when it was near
completion did someone at the bank consider one very inconvenient
business consequence of placing the app in the iTunes Store. Every time
that a client downloaded that app (which would have had the bank's
name), Apple would possess a record of the download (even though it was
to be a free app).
In other words Apple would have the data within the
iTunes App Store database (which has names as well as contact details of
all iTunes App Store users) for the highly sensitive and valuable list
of the bank's private clients. Of course, this would not have been for
all the bank's private client customers, only those who downloaded the
app. But that was bad enough.
The good news is that the bank realised what could happen before making the app available (and turned to this company, looking for a secure solution which did not throw away what was already built).
Nevertheless, what this reveals is how
easy it is in the complex (and confusing) world of the new mobility to
possess good intentions which in practice are, or could, deliver
significant if unintended business 'errors'. Being aware matter so much
more when it involves enterprises and mobility.
If you know of or come across other such unintended business idiocies
'introduced by mobile technologies', please feel able to email me at firstname.lastname@example.org or DM me at @charlesbrett on Twitter.