Credit Union Geek Marketing, Strategy, and The Force by Joe Winn

Passwords. An Update.

Originally published on CUInsight.com

It’s a topic you’ve seen here before. Time and again. Of course, it’s still pertinent since we keep using them. Passwords are a bane of the tech world. Unless you can invent a simple way to authenticate yourself with any service, they’re going to stick around for a while. That doesn’t mean we need to despise them, though. In the past, we have discussed the problems on both ends, from policies that lead to creating awful passwords, to people insisting on using “love”, “*dogname*”, and “!23456”.

Grab your favorite password and…throw it in the trash (sadly, even “CorrectHorseBatteryStaple“). Because we’re back.

Like the question of eggs being healthy or your worst nightmare, passwords see a wide variety of advice as the years go on. Some of it is due to a long period of terrible advice (which we discussed before, and, I’ll admit, my own suggestions evolved, too). Thankfully, this is changing…slowly. The other part is based upon processing speed increases; it’s easier than ever to parse billions of possibilities (using databases of common passwords from leaks combined with dictionary analysis). So what’s the current solution?

It’s lurking in plain sight, on all your devices. The best password is one you never create. Every modern platform supports strong password suggestions. Then, they save these passwords in a secured database, so you don’t have to put a note in your drawer (it’s ok, you’re not alone). Depending on the system, there might be a master password, or, it can combine with biometrics. Make this be your big, strong password, then never use it. Rely on the fingerprint scanner, FaceID, or other verification system.

On iOS (that’s iPhone and iPad), the next version will have automatic strong (Apple calls them complex) password creation and storing. That means, when a site asks to create a password, your phone already filled in a really good one. Then it saves it so you never even bother thinking of something. To log back in, your phone just asks for verification through TouchID or FaceID (depending on device). This is new; auto-fill now has security, too. Yes, you still have to create a unique username. Sorry, MarioKartKing is taken.

There’s another side of this revisit: Updating your password. I know, I know, I spoke strongly against this practice in the past. My position is unchanged. If you change your password, make it for a good reason. A brilliant website called haveIbeenpwned.com checks your e-mail address or usernames to see if they were included in any breaches. If so, it shows which and to what degree. Then, you know it’s time to update those passwords (and anywhere else you shared those credentials). That password auto-suggest is looking mighty nice right now.

Here’s the bottom line: With password managers so prevalent and easy to use, there’s no excuse to still create your own passwords. It’s putting you (and the data within) at unnecessary risk. It also saves time. When I read of a breach on a service I use, I just go in, update that password, and get back to my life. Since it won’t be shared with any other system, I don’t care what someone does with the information. Granted, if passwords were stored in a way someone could access them, I’d be questioning the utility of said service, given their poor security practices.

Bottom line of the bottom line: Complex, random strings of characters, stored in a quality password manager, is the best way to ensure your personal (or corporate) information remains only in the hands you want.

Resources (A non-exhaustive list of password managers)

OS Based:

SmartLock for Passwords (Android/Chrome)
iCloud Keychain (Apple devices)

3rd Party:

Firefox Sync
LastPass
1Password

Find Your Platinum Lining - ICU Day 2018

This ICU Day, Let’s Aim for Engagement!

October 17, 2018 / Joe Winn / 0 Comments

I’m a huge fan of the credit union mission and all it contributes to our communities. You’d know that if you’ve read more than a few lines of any previous post. Of course, you’d also know that I’m not afraid to call out things when they could be improved.

On that note, I have just a few suggestions for this year’s International Credit Union Day campaign. In case you weren’t aware, the theme is, “Find Your Platinum Lining” (at a credit union). Because it’s the 70th anniversary of the event. And 70 means platinum. You knew that, right? I didn’t. Honestly, I thought it was for 75. Turns out that’s diamond (jewelry, to be precise). In fact, all I could find about the 70th anniversary linked it to UK tradition. Thus, Americans will have limited exposure to this “platinum year”. I’d be curious how many people under the age of 70 even make the connection. I asked some people of a variety of ages; none knew that Platinum and 70 went together.

Which raises another point: If our goal is to attract younger members, why use a terminology which they are unlikely to understand or relate? Of course, we’re not only looking to attract younger people, but, let’s be honest, they’re who you want. More Boomers are great, but a member with 50 years of major purchases and life changes ahead of them is substantially more valuable.

Slogan aside, let’s take a look at the unified messaging of the credit union movement (at least here in America). Their newest endeavor is “Open Your Eyes” (to a credit union). It’s a major investment with substantial marketing targeting, ahem, eyesnationwide, from TV to streaming services and even subway banners. Yet it isn’t connected to this ICU Day effort at all. Perhaps it’s not quite ready, because this seems like a missed opportunity.

Another point relating to the Open Your Eyes campaign; a major part was to study what people’s actual reasons for not joining a credit union really were. Turns out, it was two main points:

Thinking you had to be part of a certain company or group.
Concern that you had to leave if you moved, or risk not being able to access your money.

Those are valid concerns which we need to address as an industry. So does the ICU Day campaign do that? Not quite. It reiterates the tired, “we’re different and unique” platform. Great, you give back to your members. You have low rates. Some of the larger banks are already playing the same game. And, frankly, they’re better at it. Capital One just launched a new effort featuring their friendlier branches (“Cafés”), free checking, and other customer-centric offerings, while separating themselves from the “Big Banks”. Never mind they are one; their marketing presents them otherwise. And it is reallygood. Ally takes a similar approach, setting themselves apart from the “Big Bankers” who don’t care about you while making billions off your money.

More than a third of Americans are members of credit unions. Yet they have only 7% market share. That’s an enormous gap. And it won’t be solved by saying how low your rates are or that you give back. It’s providing reassurance that people can join, money can be accessed anywhere, and then empowering each CU to go deep on mission.

The big banks are better at differentiating themselves from “The Big Banks” than credit unions. This ICU Day, let’s open peoples’ eyes to credit unions by showing how they make each community better. And how, if you join (because you can!), you can both reap the benefits and help inspire growth as well.

That’s a platinum lining everyone can enjoy!

Happy International Credit Union Day!

Who’s Your BS Director?

October 2, 2018 / Joe Winn / 0 Comments

Originally published on CUInsight.com

It’s a requirement of every organization. They’re among the most important roles, ensuring all operations proceed smoothly!

Wait, why do you keep looking at me like that? What is it? BS? You know what it means. Oh, you’re thinking of that meaning. No wonder you’re so flustered!

BS is short for better systems. Because what else would it represent?

Imagine a BS Director. What would that look like? It’s no explicit role. They address auditing and accounting. They manage vendor relationships. It is even in their playbook to interact with members. They’re busy bees, learning as they go, continually developing BS for each action. They’re full of BS, and all they want to do is share it with others!

Good thing your credit union has no bad systems. Oh, but you do. Even if your member experience appears smooth as a glassy sea, there is some aspect where the waves pick up. It could be anywhere. Don’t worry, though. Your BS Director will help point them out, and suggest paths which navigate back to calmer waters.

And it doesn’t just have to be on the member-facing side. Maybe it’s way too much work getting that darn copy machine fixed. Or a certain regular action needs high-level approval, which wastes everyone’s time. It could be anything. BS Directors love variety.

Of course, as important as the BS Director is, they can’t do it alone. In fact, when did I ever say they were a single person? Your BS Director is every staff member (and sometimes even your members)! I know for a fact that many members of your team have great ideas. I’d bet some are sitting right now with suggestions which have never seen an executive retreat PowerPoint slide. BS Directors, everywhere you look! So why is it that we all don’t have BS oozing out of our very entities?

We don’t welcome it. Or, we let it be shared, then ignore it. At least where it doesn’t affect us or the bottom line of our organization. Maybe it was just inconvenient to bother at the time. Though, I’m sure no credit unions have ever passed on a good suggestion.

How do we ensure BS Directors in any role are respected and followed? By adopting a humble mindset: “Great ideas can and do come from all places. I’m open and eager to empower an environment of sharing!” Where your members feel welcomed to share how something would be better (and then see it adopted), it creates a tighter community. When your staff knows their feedback is taken seriously (they are the ones actually doing the work day to day!), you get those suggestions eagerly.

Can any of you remember a workplace where you feared repercussions for suggesting a better strategy? Or where the “best ideas” were from the boss, and the boss alone? Since most of us can, it’s our natural state. Your credit union needs to actively change that perception before people (members included) will be comfortable sharing. Let this article be your first BS Director. From here, in the words of Captain Planet, “the power is yours!”

TL;DR: Your members and staff have great ideas, but it takes a conscious shift to make people ok to sharing (and receiving).