My PIN is 4321

posted Sep 14, 2012, 6:28 AM by Ignasi Mas   [ updated Sep 14, 2012, 6:29 AM ]

 [From CGAP blog, 13 September 2012] 

There, I’ve told you. So what do you think of me now? Am I: (a) illiterate, (b) ignorant, or (c) irresponsible?

I am frequently subjected to anecdotes about how some people who are new to banking or mobile money share their PINs, or soon forget them. That is taken as prima facie evidence that PINs may not be appropriate as an authentication mechanism for the poor. In the same breath in which we marvel at how the poor are sophisticated portfolio managers per Portfolios of the Poor, we question whether they can handle four digits. 

There may be two other reasons why people share their PINs. (d) is because it may be entirely harmless to do so, for instance because the account may be used very seldom and there is rarely any money in it anyway. When the account is no treasure, the PIN will not be cherished. The implication is clear: you want your customers to treat their PIN more seriously? Give them more reasons to value your service.

A further reason why people share their PINs is (e) because it may actually be useful for them to have someone else know it. For instance, because they use the account only to collect G2P payments and instead of everyone having to go to a distant ATM or agent to collect their cash, they take turns and collect payments for each other. Why not?

When people do something with your product that you don’t want them to do, the reaction shouldn’t be “educate!” but rather to see what about the product can be changed to accommodate the behavior of the customer in a better way. Take case (e), and start from the premise that it’s entirely legitimate for rural or aged customers to cash out money for each other. How about if, under the ‘withdrawal’ entry in your mobile phone service, in addition to specifying the amount and confirming it with your secret PIN, you could choose between an ‘in person’ and a ‘through a friend’ withdrawal? The latter would generate a code (one-time password), and that’s what you share with your friend or neighbor who is going to fetch the cash for you. (Imagine that the cash-out fee is charged at this point, and the actual collection of the cash – which needs to happen within, say, 12 hours – is free.) It’s similar to how ‘sending money to non-customers’ or ‘ATM withdrawals’ work on many mobile money systems, so the concept is hardly new. But now I have a way of asking someone else to collect my money, without that forcing me to be irresponsible with my PIN.
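As an added illustration (not part of the original post, nor any operator's actual system), here is one way the ‘through a friend’ withdrawal could be modelled: the secret PIN only authorises issuing a one-time code, and the code is bound to the account and amount, works once, expires after the 12 hours suggested above, and locks after repeated wrong guesses. The class name, the 8-digit code length, the three-attempt limit and the status strings are all assumptions.

```python
import hmac
import secrets
import time

CODE_TTL_SECONDS = 12 * 3600  # the post's "say, 12 hours" collection window
MAX_ATTEMPTS = 3              # assumption: voucher locks after 3 wrong codes


class FriendWithdrawals:
    """Hypothetical service: one outstanding voucher per account."""
    def __init__(self, verify_pin, clock=time.time):
        self._verify_pin = verify_pin          # callable(account, pin) -> bool
        self._clock = clock
        self._key = secrets.token_bytes(32)    # server-side MAC key
        self._vouchers = {}                    # account -> voucher record

    def _mac(self, account, code):
        return hmac.new(self._key, f"{account}:{code}".encode(), "sha256").digest()

    def issue(self, account, pin, amount):
        """Owner authorises with the secret PIN; returns the code to share."""
        if not self._verify_pin(account, pin):
            raise PermissionError("PIN rejected")
        code = f"{secrets.randbelow(10**8):08d}"   # CSPRNG, 8 digits
        self._vouchers[account] = {
            "mac": self._mac(account, code),       # the code itself is not stored
            "amount": amount, "attempts": 0,
            "expires": self._clock() + CODE_TTL_SECONDS,
        }
        return code

    def redeem(self, account, code, amount):
        """Agent-side cash-out by the friend; the PIN is never involved."""
        v = self._vouchers.get(account)
        if v is None:
            return "no_voucher"
        if self._clock() > v["expires"]:
            del self._vouchers[account]
            return "expired"
        if not hmac.compare_digest(v["mac"], self._mac(account, code)):
            v["attempts"] += 1
            if v["attempts"] >= MAX_ATTEMPTS:
                del self._vouchers[account]        # stop online guessing
                return "locked"
            return "wrong_code"
        if amount != v["amount"]:
            return "amount_mismatch"
        del self._vouchers[account]                # single use
        return "paid"
```

The friend who holds the code can collect exactly one pre-approved amount and learns nothing that works for any later transaction.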

This product feature may or may not be a good idea; for starters, one would need to find ways to minimize the P2P cannibalization risk. But I’d like to stress three broader points. First, it’s risky to infer people’s capacity from their modalities of use of your product, because the problem may be with your product. Second, some things that might seem like a small feature in some contexts may be core to the proposition being marketed in others. This nifty ‘withdraw through a friend’ capability might be absolutely core to a mobile money platform that is targeting G2P payments as a driver of transactional volume. Third, biometric solutions to the PIN-sharing issue are an over-reaction, not only because of the costs they entail but also because they work only by eliminating choice. Once the money is in my account, why can’t I decide how it gets picked up?