Feb 19

Mobile Enterprise Business Errors (Unintended) #2: a bank nearly gives away its private client customer list … to Apple

The first Mobile Enterprise Business Error (Unintended) involved Banco Santander in Spain http://www.constellationrg.com/blog/2012/01/mobile-enterprise-business-errors-unintended-1-banco-santander-illustrating-how).  The second comes from an executive of a company asked to help prevent what was about to happen.  This it involved a bank which realized, just in time, that what it wished to do with its proposed iOS app would give Apple unintended access to the bank’s private client customer list.

This unidentified bank possesses a successful private client business.  Wishing to stay relevant and attractive it decided to build a dedicated iOS app for its private client customers to access their banking facilities from use on iPhones and/or iPads.  The concept was simple.  The bank would:

  • develop an app
  • place this app on the iTunes App Store
  • tell its private clients that it the app was available for their exclusive use
  • then clients with iOS could go to the iTunes App Store to download the app, and thereafter use their iPhones or iPads to  interact with the bank.

It proceeded to develop the app.  Only when it was near completion did someone at the bank consider one very inconvenient business consequence of placing the app in the iTunes Store.  Every time that a client downloaded that app (which would have had the bank’s name), Apple would possess a record of the download (even though it was to be a free app).  In other words Apple would have the data within the iTunes App Store database (which has names as well as contact details of all iTunes App Store users) for the highly sensitive and valuable list of the bank’s private clients.  Of course this would not have been for all the bank’s private client customers, only those who downloaded the app.  But that was bad enough …

The good news is that the bank realized what could happen before making the app available (and turned to this company, looking for a secure solution which did not throw away what was already built).

Nevertheless, what this reveals is how easy it is in the complex (and confusing) world of the new mobility to possess good intentions which in practice are, or could, deliver significant if unintended business ‘errors’.  Being aware matter so much more when it involves enterprises and mobility.

NB.  If you know of or come across other such unintended business idiocies ‘introduced by mobile technologies’, please feel able to email me at charles@constellationrg.com or DM me at @charlesbrett on Twitter.

Leave a Reply

Your email address will not be published. Required fields are marked *