Have you ever tried to select a web analytics for financial services and banking? If you haven’t, let us warn you: it’s not a walk in a park. It’s more like cutting your way through the jungle of data privacy rules and regulations you’ll have to adhere to.
You won’t have the luxury of settling for any sort of “market standard”, and many other popular products won’t meet the demands of your organization as well.
Why is this the case?
Firstly, there is a large number of regulatory regimes and laws that financial institutions have to comply with. For a multinational company these would typically include:
Payment Card Industry Data Security Standard (PCI DSS),
GLBA Safeguards Rule,
Gramm-Leach-Bliley Act (GLBA),
Dodd-Frank Wall Street Reform and Consumer Protection Act,
The Sarbanes-Oxley Act (SOX),
…and a few more.
Although the sheer volume of legislation seems a bit overwhelming, remember that they all serve customers’ best interests.
This is especially true when we consider that the finance industry uses extremely sensitive data – not only PII (Personally identifiable information) but also PFI – Personal Financial Information – like account passwords, tax information, credit reports, credit card security numbers, and a lot more. Breaches of that kind of data are extremely dangerous, so PFI has to be handled and protected with great respect for its value.
When SaaS is not an option
Secondly, although every financial institution can develop strict rules about data privacy, there’s always a threat that other companies will apply lower standards in their work.
Most of today’s web analytics solutions offer tools based on the SaaS model, in which the vendor provides not only the software and platform, but also the infrastructure where your data is stored. This solution has become popular for several reasons, including because it’s cheaper and easier to implement.
Unfortunately, those qualities don’t necessarily sound appealing to multinational financial institutions – the remote locations of cloud servers don’t comply with privacy regulations in many countries.
And the list of potential obstacles doesn’t stop there.
The lion’s share of SaaS vendors defines their terms and conditions in a way which doesn’t allow users to store any sensitive personal data on their infrastructure.
Let’s be honest – that’s not surprising at all. Extremely sensitive data tends to make one’s database prone to attacks and therefore requires more protection, increasing maintenance costs. So it’s easier to limit one’s liabilities and not store it at all.
Of course, there is a way to work around those things, especially if you can find a vendor offering servers in locations that will satisfy your needs. You can, for instance, use anonymization techniques, partial hashing or other methods of permanent data encryption and therefore still take advantage of one of SaaS-based solutions. But this means that you’ll also lose lots of valuable insights hidden in the information that comes from your users. So why bother with collecting it at all?
Fortunately there is another way. Although more than 90% of solutions available on the market will not meet your needs, there are some tools that can satisfy the expectations of data-sensitive businesses like yours. You just have to know what to look for.
In this article we outline the most common problems people face (and eventually overcome!) when seeking a web analytics suite for organizations working in the financial industry.
Problem #1
You want to analyze actions by users that are already logged in
One of the most serious problems you’ll run into is that a massive amount of what you want to analyze is hidden behind a so-called “login form” – that’s where your customers check their card balance, buy new financial products and perform other actions that may potentially drive your interest.
If you want to monitor traffic and gain valuable insights about your users’ behavior and actions, you have no choice but to use the most secure means of data collection available.
This automatically eliminates the option of Javascript tracking, a solution known for the high granularity of reports it can help us generate. Unfortunately, because it requires inserting additional lines of code into your website, JS introduces all the possible dangers that come with third-party vendors.
Solution: Web Log Analytics instead of JavaScript tracking
Sometimes less data is better than no data at all. This is when server log analytics might come in handy.
Log analytics is a tracking method that serves as a great alternative to Javascript. In contrast to JS, log analytics complies with strict security regulations (including PCI and the Sarbanes-Oxley Act), because the log analytics data remains on your own servers.
This is why it’s becoming the go-to solution for every data-sensitive organization.
Reports created using web log tracking might not be as detailed as ones from Javascript, but this doesn’t necessarily mean that logs offer nothing in return. They:
are more reliable (no spam included!),
can analyze historical data ( traffic on your website from before you started using this method),
are much easier to implement (no need to add pixels or tags to every page of your website),
allow you to track users with Javascript turned off.
Furthermore, when using web logs you obtain many actionable insights. These can be used to easily examine the performance of every product page and track the behavior of users logged into your system. This will help you gain a better understanding of what drives your customers to choose a particular product or investment without raising any concerns about data privacy violations. Not bad, eh?
Aware of these advantages, Piwik PRO offers Web Log Analytics as an option dedicated to every privacy-sensitive company.
If you want to get deeper into the subject of JavaScript and web log tracking, check out this blog post.
Problem #2
You don’t want adblocking software to skew your data
It won’t be an exaggeration to say that adblocking software companies right now are having the time of their lives.
According to “The 2015 Ad Blocking Report” by Page Fair and Adobe, in Q2 2015 adblocking software was installed on more than 198 million devices around the world. What’s more, at the same time the usage of ad blockers nearly doubled in the United States alone (compared to the previous year) and totalled over 48 million browser plugins used on a daily basis.
Unfortunately, adblocking software can block not only ads and cookies but also your revenue. Page Fair estimated that in 2015 the rising popularity of ad blockers cost publishers nearly 22 billion dollars!
As if this wasn’t bad enough, it can also do a lot of harm to your web analytics reports, especially if you’re using JavaScript tracking and rely mostly on information gained from cookies.
Solution: Use web logs!
Using Piwik PRO on-premises combined with web logs will allow you to bypass adblockers and operate on complete data. This is all thanks to the fact that logs – in contrast to JavaScript tracking pixels – are not detectable by ad blockers and can collect information regardless of any software your users have installed.
If you want to learn more about adblocking and web analytics data accuracy, we encourage you to check out this blog post.
Problem #3
You want to be able to store web analytics data on your own servers
Data breaches tend to be very expensive. A report from last year by the Ponemon Institute showed that the average total cost of a data leak is $4,000,000. This number includes fines imposed by public authorities, fixing what broke after the hacking attack, and also lost business opportunities.
But the hidden cost of these breaches is much more harmful and practically immeasurable – it’s almost impossible to restore credibility after a mishap of that sort. What might be forgiven for a start-up won’t be forgotten in the case of a financial industry company.
That’s why you’re probably considering storing your web analytics data on the infrastructure of your choice, taking advantage of self-hosted servers or the services of high-security server providers. This will let you provide the level of safety your sensitive data requires.
Unfortunately, most web analytics vendors don’t give you that option.
Solution: On-premises instead of SaaS (or basically any other) model
As we’ve already said, you may want to seek a solution that allows you to take care of your data by yourself. For example, you might take a look at Piwik PRO On-Premises, a web analytics stack that provides 100% data privacy and protection.
Piwik PRO isolates the front end (the data receival endpoint) from back end (the server holding the data). To put it more clearly: this means that browser requests are separated from the place where your data is being stored and archived at specified time intervals (for example, every other day or even more frequently).
This gives you 100% ownership and control over your data. Archiving is done on your internal server, which you can keep in a bomb shelter underneath your company’s heavily-guarded headquarters, or in any place of your choosing. So you don’t have to rely on third-party infrastructure and you’re free to apply your own security standards.
Want to learn more on the differences between SaaS and on-premises web analytics? Then you should definitely read this blog post.
Problem #4
You want to do business in Russia or China
For a multinational enterprise one of the most important challenges is to adhere to laws and regulations applied in every country it operates in. This may include Russia and China – two massive and extremely promising markets with some of the strictest data privacy policies anywhere.
China
Although the government of the People’s Republic of China has announced that upcoming regulations on personal data will aim at creating a universal framework for all cross-border data transfers, things right now are rather different. At present, the international transfer of PFI (Personal Financial Information) of Chinese citizens is strictly prohibited.
An even bigger problem is connected with the so-called “Great Chinese Firewall”, responsible for the fact that up to 50% of the traffic on your websites can remain undetected by your web analytics tool. This is especially true if you are using Google Analytics combined with JavaScript tracking. Since GA is not allowed to operate in China, data collected using this technique may be extremely unreliable.
Russia
The situation in Russia offers little cause for optimism as well. Federal Law 526-FZ, which came into force in September 2015, states that all personal information acquired from users based in Russia is regarded as personal data and therefore must be stored on Russian territory.
Companies and organisations which violate those terms can face severe consequences. The new law affects almost every business operating in Russia. LinkedIn has already learned how serious Roskomnadzor (the federal executive body responsible for overseeing the media) is about it.
Solution: Go On-Premises!
The easiest way to overcome those obstacles is – once again – to deploy Piwik PRO On-Premises and:
host all the collected data on local self-hosted servers, and also
make use of web log analytics instead of JavaScript tracking.
This will allow you to collect and evaluate 100% of your website traffic without any interruption or the threat of potential governmental fines or prosecutions.
Problem #5
You want your web analytics reports to be as reliable as they can be
Firstly, you may want to know what data sampling really is.
Data sampling occurs when only a subset of your traffic is selected and analyzed to estimate overall results. This method is commonly used in situations like public opinion polls, where it’s rather impossible to survey every person qualified to take part in the questionnaire.
Unfortunately, what may work perfectly fine for testing and measurement companies is no good for web tracking. This is especially true when your website experiences huge traffic volumes on a daily basis. In that case the more information sampled, the less reliable your reports become.
If you want to learn more about the potential pitfalls of data sampling, you should definitely get acquainted with this blog post.
Most popular web analytics tools use it anyway. With Google Analytics, data sampling takes place when monthly traffic exceeds 500,000 (standard version) or 25 million actions (Google Analytics Premium). This may become a problem in either one of those scenarios:
If you’re an enterprise-level organization with a certain amount of users visiting your website (as you probably are), and
If you want to use your data to generate reports using other tools than your web analytics suite.
Is there any way to overcome these issues?
Solution: Just don’t go for tools that sample your data – it’s easier than you think
Fortunately, in Piwik PRO the amount of records that can be tracked is much higher than in both Google Analytics and Google Analytics Premium. Therefore you can benefit from web analytics reports based on total website traffic by default. Thanks to advanced segmentation methods you can also easily group and identify the most valuable traffic sources within your audience.
What’s more, you can still use raw data collected by Piwik PRO to create reliable reports with the tools of your choice. Any way you want it, that’s the way you get it.
All this means you can be 100% confident that the consumer insights obtained from your web analytics tool are fully reliable.
Problem #6
You want to analyze the performance of your intranet websites
It’s possible that you’ve never considered this to be an important asset for your web analytics stack. Intranet analytics might be not that interesting for small or even medium-size organizations. But for enterprises with huge amounts of internal traffic it is a must.
Why? Analyzing data from SharePoint or Confluence can help you optimize the online experience of your employees and encourage them to share their knowledge and make use of the materials already available via your intranet communication tools. What’s more, analytics can help you identify and track the most engaged employees with the biggest impact on your organization.
It can also detect the weakest links of your internal communication: sites that are cluttered with information and virtually unusable. The potential benefits are obvious and extensive.
Solution: web analytics with intranet analytics capabilities
In that case it’s advisable to find a web analytics suite that provides you with two types of data, that is, about actions taken by both your users and your employees. In Piwik PRO, Intranet Analytics (or SharePoint Analytics and Confluence Analytics to be more specific) is available with every premium payment plan.
There’s no risk, so give it a try and see how useful you’ll find it!
Web analytics for financial services & banking – some conclusions
We know that the problems your company faces may vary from those discussed above. Nevertheless, we hope that you’ll find our tips useful in your quest to find a web analytics tool geared for your specific needs and requirements.
We’re confident that Piwik PRO can provide solutions to many of your most pressing problems.
In the meantime, feel free to contact us and learn more on how Piwik PRO On-Premises functionalities and features can help you comply with even the strictest privacy laws and regulations.
Looking For A Perfect Web Analytics?
Download our comprehensive comparison of Piwik PRO, Google Analytics, Webtrends, Adobe Analytics and Etracker.
Download Free PDF
The post 6 Problems to Solve When Choosing Web Analytics for Financial Services And Banking appeared first on Piwik PRO - Cloud and Enterprise Analytics.