Home » Computing | Finance | Innovation

Banking on the Cloud

29. January 2009 by james 0 Comments
It's been nearly 15 years since Stanford Federal Credit Union started offering online banking services to all it's customers and the revolution of internet banking began, in that time the fundamental service offered has remained largely static.

The years have seen various developments including account aggregation, downloadable statements, increasingly accessible sites (as standards matured) and, just recently we've seen an increased entry into "Web 2.0" technologies.

It's becoming clear that the time of drawing customers into a website for marketing and servicing is set to decline but what does this all have to do with 'cloud computing', and what do we mean by the term in this context?  Let's first take a conceptual view and then we'll ground that back to some real technology to make things a little clearer.

Cloud computing is a term that already seems to be in danger of becoming over-applied but my (in a nut-shell) understanding is that it refers to a scalable infrastructure that may include some form of storage, a processing environment, synchronisation and the idea of software as a service (SaaS).  It primarily uses the internet as a means of connection and is a hot topic for the likes of MicrosoftGoogle and Amazon as a commercial opportunity.    

A practical example of this that you have a large amount of music stored on your home PC, by synchronising the relevant part of the PC with the cloud your music becomes available to you wherever you have an internet connection (and therefore access to your cloud).  Even better, you may configure another device (for example a media player) such that when it connects to the cloud on the internet, it also synchronises and any new music you have added at home is automatically added to your media player.

Let's take a look at a more complete example:

At the bottom of the diagram we have the physical devices which are periodically connected to the internet, and therefore have occasional access to my cloud.  We can see our simple example of music being stored in the cloud and synchronised with both the home PC and the media player.     

Back in the financial context, in addition to the bank's data silo of customer balances and transactions let's suppose for a moment that the status and changes to accounts was to be represented as a feed of information.  Effectively we have a secure RSS feed of all the events that happen to one or more accounts the customer holds with the bank which only the individual customer can access.  Through establishing a relationship from their website, the bank forms a relationship with the customer's cloud that only allows them to update information relating to the particular accounts the bank holds and does not allow any access to any of the other repositories or information that may reside elsewhere in the customer's cloud.

Once data is free from the bank in the cloud it's use is down to the customer and how they wish to establish relationships with other parties and applications to use that data.

For example, let's take the current day scenario of the personal finance site.  They PFM site can let us manage our money typically better than our bank but they are largely unregulated.  The biggest single difficulty these sites face is of getting the information in and people trusting that information is being stored and used securely.  The means used today is to either rely on manual upload by the customer, a time consuming and off-putting task or, by requesting the customer provide their banking credentials and automatically logging into the bank websites and either downloading or reading (screen scraping) the data.  Neither approach is by any means ideal.  

In the case where account events are published to our cloud by a bank, the personal finance site is granted read-only access to balances and transactions through forming the relationship from their site.  The PFM site does not need to store our transactions, they access it as and when they need it and they have done it without needing to know our banking credentials or, relying on any form of "nasty" screen scraping or other unreliable means of pulling in data.  The means by which the bank protects it's own site becomes immaterial as no-one but the customer needs to access it.

By similar means, a customer's accountant has their own cloud in which the relationships could be formed to allow the accountant limited access to the customer's account details.  The diagram above shows a similar idea but sharing photos with a friend so it appears as part of the friends cloud but with read-only access.   

There are more opportunities when we consider hosting applications within our cloud and is where we move beyond thinking of this as purely a central storage and synchronisation platform.  The applications again are granted access to certain feeds of data which they may combine with other external information to provide new services.  In the diagram is the idea that the mobile phone periodically reports it's position to the cloud, no-one can see this information but it could be used to combine with account transactions as a means of warning the user of potential fraud (a card present transaction occurred in Birmingham but you were reported as being in London).  A somewhat unlikely sounding example for now but within the realms of technical feasibility at least.

Rather than industry vertical based mobile applications, a mobile application that runs against a customer's cloud would be able to give a general update of the information contained therein.  Linked with the phone's location, the date or the time the information could be filtered to give a more personalised and contextually relevant view to the customer.

It all sounds a little fanciful, but the idea of the customer's digital existence in the first place is sound which this all builds on.  There are plenty of key concepts I haven't covered here (particularly in the area of security and privacy) and there is no discussion on why a bank would actually engage with this but it is worth understanding the central ideas first and don't forget that the technology that enables this sort of thing is to a large extent beyond even the early adopters amongst us.  There's also an interesting argument to be had which has already started in the social networking world, who owns the data pertaining an account?

What would be interesting to try though is to ground and demonstrate some of this functionality, using Microsoft's Azure cloud platform and Live Mesh.

Currently rated 4.0 by 1 people

  • Currently 4/5 Stars.
  • 1
  • 2
  • 3
  • 4
  • 5