Digitalisation at the LLB Group

Expert article for Computerworld dated 1 September 2017

During times of digitalisation, banks face major challenges. They need to be able to integrate new functions and innovations quickly, their customers need to be able to access their own personalised range of offers at any time, from anywhere, and 100% security is paramount at all times. A digitalisation initiative by the National Bank of Liechtenstein (Liechtensteinische Landesbank) is pointing the way forward when it comes to achieving 'digital agility'.

The 'Liechtensteinische Landesbank' Group (LLB Group), of which Bank Linth also forms part, began their extensive digitalisation project in autumn 2015. Their aim was to create a modular cross-channel online banking platform with adaptive security that would bring together a flexible and optimal mix of their own services and integrated services in a single online interface.

Today – barely two years later – they now have an entire infrastructure in place. They have launched mobile banking apps, as well as a portal with integrated online banking. Thanks to single sign-on, users only have to log in to the portal once to be able to use all of the applications. The design and layout come together as a seamless whole and guarantee that the customer will have a consistent experience throughout.

Ergon Informatik was one of the LLB Group's technology and development partner throughout this project and worked closely with LLB to create the architecture and the multi-level security concept, developing the portal as a central access point to the entire range of services, plus the online banking and mobile apps.

Fast response possible thanks to 'two-speed architecture'

Nowadays, any new front-end services added to a bank's digital service portfolio need to have the option of being implemented in short releases, i.e. fast, with flexibility, whereas back-end applications have much longer cycles and must guarantee (above all) stability, performance and accuracy in their execution. To ensure that both – digital agility at the front and stable processing in the back end – are possible at the same time, the two layers need to have a clean separation. This is achieved by a 'two-speed architecture', which uncouples the customer applications from the core banking solution. The separating layer, i.e. the central micro-service interface, plays a central role here: The back-end applications make their services available to all potential consumers in fine granular form. The consuming front applications can use these in any combination to create a unique overall service, but at the same time they are protected from release changes in the back end by the separating interface.

This pattern was also incorporated into the portal architecture and makes it possible both to integrate your own applications and to integrate external content. This happens covertly under one design interface, ensuring that the customer gets a consistent overall look. Thanks to the responsive web design, the portal is user-friendly and can be used on both stationary and mobile devices.

The security architecture is based on the Airlock Suite. By being dynamic, upstream and multi-layer, it ensures that the user only has to interact with the security systems when really necessary and at as low a threshold as possible.

Mobile banking apps and online banking – security & convenience

When developing the mobile apps, importance was attached to creating the best possible user experience and achieving high security standards. For this reason, a decision was made to use native apps instead of a hybrid application. One convenient function of the mobile banking app is the fingerprint identification option, which enables the customer to check their account balance quickly with little hassle. They are only required to provide other means of ID, i.e. adaptive means, for other functions, such as conducting transactions. The system enables different rights in line with the type of log-in.

The previous Java client for online banking was replaced by a web solution. Two-stage authentication is now used for user access to the system. The 'Photo-TAN' identification used for this is a service provided by one of our partners, which forms a standard part of the Airlock IAM authentication solution. If the customer needs help with their online banking, the co-browsing function means that they can receive support from Customer Service employees. This component is another third-party solution that has undergone optimal integration into the overall solution via Airlock WAF and which is available for the entire service portfolio.

With corporate clients, payments often have to be approved by separate people. To simplify secure administration, the encrypted 'push alert' was introduced for online banking. This secure notification system is a convenient way of informing customers about any payments that need to be approved.

Fraud detection with machine learning

The majority of banks use rule-based systems to detect attempted fraud. The disadvantage of this kind of approach is the lack of flexibility in the event of new attack scenarios, which in turn results in rising costs, increased personnel expenditure and dissatisfied customers due to excess false positives. Ergon has integrated a fraud detection system in the LLB Group's new online banking system that, via machine learning, is more reliable at detecting fraudulent payments than human experts would be. In combination with the Airlock Suite security product, the system ensures optimal interplay between 'prevention' and 'detection' mechanisms. With this approach, fraud detection can be implemented in payment transactions with an exceptionally low false positive rate, ultimately reducing the costs of fraud detection but also the amount of manual interaction that is required.

Foundations laid for digital agility

Through their portal and flexible architecture, the LLB Group is ensuring a consistent experience, reaching out to the customer on an emotional level, at all points of contact, which will mean the Group can upgrade and optimise their business processes in the future too. The next step will be digitally supported consultancy – which should be quick to implement thanks to the new infrastructure. With other services in the pipeline, the vision of digital agility is set to become a reality.

Adrian Berger is Dipl. Informatikingenieur ETH and Managing Director Finance Solutions at Ergon Informatik AG.