We care about your security ...
19/11/25 13:38 Filed in: Security
One of Australia's big 4 banks (NAB) acquired Citibank's credit card operation. At a moment of great change they are creating an opportunity for scammers. Here are some of the issues that have arisen:
Caring about your customers' cybersecurity must not be just a marketing slogan.
- Picking an extremely generic and common name for their new service rebrand (MyCard)
- Sending communications which warn of future changes and require you to act, without saying that the required actions are not possible yet
- Not making placeholder applications / websites available and clearly linking to them (or saying they are not there yet) from existing trusted sources
MyCard
While no doubt a marketing coup, this is a security nightmare. Could you make it any more generic, any less unique, and in a space already flooded with similar names? Confusion is not only likely but impossible to avoid.
MyCardApp
Yes, you can make it more confusing … the help lines say the app is apparently not going to be called MyCard but MyCardApp
Tell your customers to act but it's not ready yet
While the SMS does say that from date you will need to … that is buried in the middle of the message. Anyone acting on the SMS now will not find the app, and if you search for it you will get to the most generic web site ever (https://www.mycard.com.au) and a wide collection of apps which have nothing to do with NAB.
Not linking from the trusted source to the new one
There is an existing website with FAQ but it does not:
- link to the placeholder
- disclose the new app isn't available
What we can learn from this
A few hints that might make things a bit more difficult for the scammers.
- Don't leave a void a scammer can lurk in.
- Link from trusted information sources to the new sources - this gives the user some confidence that the destination is genuine
- Make sure you have placeholders for everything, web site and app (even if all the app does is show the equivalent of a coming soon notice)
- Make sure your customer service operators are fully briefed with the full information about URLs, app names etc.
- Never make the customer search for something (you can't control what they will find)
- Don't make a call to action prior to being ready for an action
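The two hints about linking from trusted sources and not leaving a void can be turned into a simple pre-launch check. The following is an added example, not code from the post or from either bank: it takes the HTML of an existing trusted page (the FAQ page customers already know), the list of new official URLs the migration communications point to, and an allowlist of the organisation's own domains, then reports which new destinations the trusted page fails to link to and which of its links lead off to domains outside the allowlist. Every URL, domain and HTML fragment in it is a constructed placeholder.

```python
"""Pre-launch communication check for a rebrand (constructed example).

Given the HTML of an existing, trusted page and the new official
destinations announced to customers, verify that:
  1. every new official URL is linked from the trusted page, and
  2. no link on the trusted page points to a domain outside the allowlist
     (a stray generic domain is exactly the void a scammer can lurk in).
All URLs and HTML below are constructed placeholders, not any real bank's.
"""
from html.parser import HTMLParser
from urllib.parse import urlparse


class _LinkCollector(HTMLParser):
    """Collects the href of every <a> tag in the document."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            for name, value in attrs:
                if name == "href" and value:
                    self.hrefs.append(value)


def extract_links(html):
    parser = _LinkCollector()
    parser.feed(html)
    return parser.hrefs


def _host_allowed(host, allowed_domains):
    # exact match or a subdomain of an allowed domain (www.bank.example)
    return any(host == d or host.endswith("." + d) for d in allowed_domains)


def check_trusted_page(html, required_urls, allowed_domains):
    """Return {'missing': [...], 'untrusted': [...]} for the trusted page.

    missing   - required new-service URLs the page does not link to
    untrusted - absolute links whose host is outside the allowlist
    """
    links = extract_links(html)
    found = set(links)
    missing = [u for u in required_urls if u not in found]
    untrusted = []
    for link in links:
        host = urlparse(link).hostname
        if host is None:          # relative link, stays on the same site
            continue
        if not _host_allowed(host, allowed_domains):
            untrusted.append(link)
    return {"missing": missing, "untrusted": untrusted}


# Constructed sample: the new official destinations (hypothetical hosts).
REQUIRED = ["https://newcard.bank.example/", "https://newcard.bank.example/app"]
ALLOWED = ["bank.example"]

# Constructed trusted FAQ page as it might look before launch: it links to a
# generic third-party site instead of the new service.
FAQ_HTML_BEFORE = """
<html><body>
<h1>Card migration FAQ</h1>
<p>From the migration date you will manage your card in the new app.</p>
<a href="/faq/timeline">Timeline</a>
<a href="https://www.bank.example/cards">Cards</a>
<a href="https://mycard.example-generic/">Find the app</a>
</body></html>
"""

# Constructed corrected page: links to the placeholders, no off-domain links.
FAQ_HTML_AFTER = """
<html><body>
<h1>Card migration FAQ</h1>
<a href="/faq/timeline">Timeline</a>
<a href="https://newcard.bank.example/">New card site (coming soon)</a>
<a href="https://newcard.bank.example/app">New app (not yet available)</a>
</body></html>
"""

if __name__ == "__main__":
    for label, html in (("before", FAQ_HTML_BEFORE), ("after", FAQ_HTML_AFTER)):
        print(label, check_trusted_page(html, REQUIRED, ALLOWED))
```

Run against the "before" page it reports both new URLs as missing and the generic third-party link as untrusted; against the corrected page both lists are empty. Running this over every page customers are told to trust, before the first SMS goes out, is a cheap way to catch the gaps described above.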
While Citibank and NAB are to be praised for trying to communicate the change to their customers, they appear to have generated more opportunities for error than solutions.
The only good thing about this experience is the change is not being conducted in October (Cyber Security Month) as the irony would be too much.