Naga Chokkanathan

Few weeks back, ICICI Bank introduced a new security mechanism called “OTP” or “One Time Password”. This is to prevent possible misuse of ICICI internet banking services.

In a nutshell, OTP System works like this:

Case 1

• You use a regular computer (Let us say your personal desktop or laptop or netbook) and ICICI marks it as your “Default Device”
• When you connect to icicibank.com using this computer, you can straightaway login with your username, password, no additional questions asked

Case 2

• Let us say you are travelling and trying to use icicibank.com from an internet cafe (or your brother’s laptop)
• This is assumed as an ‘unusual activity’ and the bank wants to confirm there is no misuse
• They send an SMS to you, with an One Time Password
• You need to enter this in the login screen (along with your usual User Name, Password) and then only system will allow you to enter its banking website

When I saw this feature first time, it was very impressive. I searched for the word OTP and found that this is a standard security mechanism adopted by many data-sensitive websites and I was happy to see an Indian bank implementing it.

Around the same time, I bought a new computer. Tried accessing icicibank.com from there, obviously, the bank detected this as ‘unusual’ (because it has my old computer’s particulars as my ‘default device’) and I was asked to enter an OTP via SMS. I did it dutifully and felt very secure.

Guess what, after few days, this became an unnecessary irritation. As I use my new computer more and more, I wanted this to be treated as the ‘usual’ (and ‘default’) device. I wanted my bank to learn this from my usage pattern – after all, I have entered the OTP 10+ times now from this very computer, Means this new device should be a valid / acceptable one, right? Why continue OTP process even now?

To solve this problem, the bank can provide a simple checkbox in the login / OTP screen “Accept This Computer As An Authorized Device To Access My Bank Account”. This can’t be misused because, it goes with OTP, which is anyway the ultimate security mechanism – Once I check that, don’t send / ask me to type an OTP anymore on this computer.

Protecting user’s privacy / security is very important. But if we try to implement them without a focus on User Interaction / Simplicity, it will cause pain, frustration, resistance and finally, drop in usage.

(077)

***

N. Chokkan …

27 09 2011

Few days back, I downloaded an application for my phone. It works very well, except for a crazy bug – when I add notes there, it is all small (lower case) letters. Even when I add a full stop, the software is not intelligent enough to automaticaly ‘capital’ize the next letter.

I checked in the application web site, already many people reported the problem and there was a patch readily available. I had to download / install it and my issue was resolved. Neat!

But guess what, all these are a so 1990-ish. Why am I expected to patch an application that I installed just a couple of days back? Can’t the system be self-correcting?

These days applications (PC / Mobile / Others) are expected to Auto-learn. Even before an user comes forward and reports the problem, the application should observe the usage pattern and decide that “95% of the users type an upper case letter after a full stop” and automatically suggest this as a bug / enhancement to the development team. You can even go a step ahead and write an alogorithm to Auto-solve bugs.

Too much to ask? Nah! Most of the SaaS (Software as a Service) applications are now Auto-learning. Trick is to make sure that the application remodels itself to the way the user thinks / uses it. For this to happen, you shouldn’t stop after product development, its usage patterns needs to be carefully analyzed – manually, or better, thro’ another software program!

We may have a long way to go in this direction, but that is the future. Web 3.0 users will not be installing patches or suggesting bug fixes. They will simply drop a static application and move on to a more intelligent one!

(076)

***

N. Chokkan …

20 09 2011

Visited South Bangalore’s latest attraction “Royal Meenakshi Mall” Yesterday. Didn’t have enough time to browse all stores, Just managed a quick scan and found a very interesting idea in their super market (Called “Hyper City”)

As the name suggests, It is a huge store and it’s very difficult to locate what you are looking for. On the flip side, too many brands were fighting for the buyers’ attention in this ocean of products.

In the middle of all these displays, Hyper City people had kept some toys – Stuffed animals, Barbies, Mickeys, Winnie-the-poohs, Race Cars, Cute pillows, umbrellas and more. Almost all of them were VERY big in size and placed in such a way that kids can see them clearly from far-far away.

These toys were not for sale (they had no price tag). Store people had kept them there purely to attract children.

And, their plan worked. Almost all the kids in the store were touching those toys and playing with them. Their parents didn’t mind because those toys were not purchase-able anyway. It looked like a nice distraction for kids, while their parents can buy stuff peacefully.

On a different level, this strategy had a different goal too. When I looked at the places where those toys were kept, they all were in the middle of some chocolates / biscuits / cakes / dress items / other Kids’ products’ displays. So the kids who played there for at least 10 to 15 minutes were picking some of those stuff and asking their parents to buy them. Even if 20% of the parents agreed, I’m sure those toys will pay back the investment in a matter of few hours.

***

N. Chokkan …

19 09 2011

Yesterday I saw an interesting T-shirt. It had a simple slogan / advertisement:

Even Rajnikanth can’t block spam SMS the way we do 🙂

I liked this creative way of product promotion. So I tweeted about it immediately.

Couple of hours later, I got a reply from the person who was wearing that T-Shirt. He thanked me for the tweet and encouraged me to try the Spam SMS Blocker product he was promoting.

This made me feel very strange. I noticed the creative t-shirt slogan, but didn’t even care about the product it was trying to sell. It is like you remember a wonderful television advertisement, but you can’t recall which product it was selling. That makes it a failed AD, Right?

Fortunately, this company was going beyond a creative T-shirt slogan. They are actively monitoring twitter / facebook and other social networks where people are talking about SMS Spam and using the opportunity to build relationships and promote their product.

In my case, I noticed the t-shirt, slogan, but forgot all about the product. Because of the company’s social monitoring and the way they came back to me with the product recommendation, I went to their website and seriously thinking about using their product. After all, they do something Rajnikanth can’t 😉

This is a beautiful use case on why monitoring should be an important part of your Social CRM Strategy. In this example, Monitoring has helped improve efficiency of an advertisement, which was good on its own, but didn’t make the brand name / product stick!

***

(075)

N. Chokkan …
16 09 2011

@ Kumbakonam (a temple city in Tamil nadu, South India) I saw a curious set of name boards, many tea shops, even tne tiniest ones had this flex board. They all had the same brand (Brookebond 3 Roses tea), but different faces, those people didn’t look like actors or models, they were very much common people, like you and me. I was wondering why a big brand like Brookebond is using such commoners in their Ads, can’t they afford professional models?

After some careful observation, I got the clue. They were not models, but owners of respective shops. By using them in their own personalized boards promoting the 3 Roses tea, Brookebond scores double points:

#1 Customers (Regular / New) to that shop will see the owner (most likely making tea in the same shop) endorsing this tea brand via the name board and it will stick better than a Bollywood star or Cricketer promoting it

#2 Loyal customer base, I doubt of these shop owners will ever buy other tea brands, after they are bowled over by such a ‘lime light’

Interesting idea. It is worth spending time and energy to think about ‘What can we do to make our customer special, really special?’

(074)

***

N. Chokkan …
11 09 2011

Before Google, world’s premier search engine was Altavista.

Today not many know about Altavista. But they deserve more credit than being a mere footnote in the history of internet. Actually they were the first company to bring so many innovations in the art of ‘searching web pages’ and made it main stream.

When Altavista was launched (1995), They had 16 million documents in their search index. And this size was growing day by day, people at Altavista were very proud of this achievement. They wrote articles, white papers, research papers and gave interviews to tons of journalists about the millions of web pages they were indexing everyday and boasted about the power of their search engine, which can easily retrieve the required results from all this information pile.

One problem which Altavista failed to notice was, they were very much focussed on the raw power – after all, their operations were promoted by a hardware company and they believed more computing power means, better search results.

Unfortunately, it was not true – Imagine a ‘Book Robot’ which reads all the books in the world and can spit out information when you need it, that was Altavista, raw power to store and scan millions of web pages fast. They didn’t really care if the results provided were relevant / useful to the end user who is searching for some information.

Same was true with most of Altavista’s competitors. They all focussed on size, power – they tried to index more documents than Altavista, tried to provide results faster than Altavista and believed that will help them win the ‘search war’.

Enter Google, From day 1, their focus was on software – intelligence. Of course, they had enough hardware to scan and store data, but the way they mined the data and presented the results made all the difference.

Imagine we make a second version of the same ‘Book Robot’. This time the robot not only reads and remembers the books’ content, but also knows the links / relationships between various books. Because of this intelligence, it is able to suggest us the right books / chapters that we are looking for, instead of blindly reading out the results.

This was the difference Google brought to the table. They not only scanned and stored the web pages, but also focussed on the inter-relationships between these pages and used it to rank them. Then they presented the top 10 ranked items for any given search and users loved it.

To use an anology, Altavista had a gold mine (millions of web pages), but they were simply using it as a farming land. Google was able to go deep into the data and extract value – It was not a simple query engine, but an intelligence engine.

Manytimes, when we fight our competitors, we need to take a call, ‘Should we use raw power, or intelligence as our weapon? May be a combination of these will be most effective?’

(073)

***

N. Chokkan …

02 09 2011