The Top Challenges of Mobile Banking Security

Ran Shulkind

Co-founder & CPO at SecuredTouch

Views 817

The Top Challenges of Mobile Banking Security

27.11.2017 06:30 am

Banking as we know it is changing. Initiatives such as Open Banking and regulatory frameworks like PSD2 are creating the driving forces to open up once closed banking platforms, creating a tremendous push for innovation. New banking players are also entering the space, bringing with them new forms of banking such as Peer-to-Peer payments, often built around mobile apps.This disruption is resulting in massive growth in the sector; the market for P2P growing by 271 percent to $130 billion in 2016.

At the same time, adoption rates of mobile banking apps is growing exponentially as well: according to a report by Juniper Research, 1 in 3 adults across the world will use mobile banking by 2021.  

Challenges come with any change in the way we do business. A more open network and different ways of moving money open new opportunities for online banking fraud. Mobile banking fraud prevention is an area that has many challenges, but one where certain technologies, including continuous authentication, have the potential to provide a solution. 

The Challenges in Mobile Banking Security

Fraud is the bugbear of banking, costing the UK economy alone potentially 193 billion GBP per year. In a previous blog post on “On The Go: How Mobile Redefines The Way We Bank” we talked about how mobile banking was disrupting the industry and how online fraud will most likely move towards the mobile platform.  

As mobile device use for banking increases, it creates new opportunities for fraudsters, giving malicious actors new inroads into our bank accounts and personal data. A McAfee survey of mobile threats found they are “steadily growing” with banking Trojans that can steal login credentials, increasing by 40%. One such Trojan is the infamous ‘Faketoken’ which overlays a fake UI and can even steal SMS codes sent to users for second-factor authentication. 

Security Measures That Ignore User Experience Lose Relevance

Compounding the problem of mobile banking malware is user behavior. An ACI report found that more than half of consumers show risky behavior and do not understand the risks of fraud. In a report by Accenture on mobile banking, they found that a staggering 43% of users do not even use a passcode to manage access to their device. Why is this? The answer lies in friction. Asurvey found that 74% of organizations who implement second-factor authentication (2FA) had complaints from their users about it. As a result of increased friction, users often avoid two factor authentication even when conducting sensitive transactions on mobile devices. According to studies, consumers generally use static passwords instead.

Mobile devices have a number of security issues that have either been inherited from general Internet security known issues or have become inherent in the platform. The OWASP Top Ten Mobile security threats for 2016, lists the 10 most common security issues in mobile devices; in at number 4 is insecure authentication.

Solving the Challenges of Mobile Banking and Security

Mobile banking is convenient and customers are taking it up droves. But the banking community needs to protect both money and the reputation to provide exemplary service - both on and offline. In the report by Accenture, they conclude that: 

“Based upon our analysis and observations, multi-factor authentication makes online banking more secure by reducing the exposure for the single greatest threat to account takeover, phishing and misappropriated account credentials.”

We need to have strong authentication measures in place to prevent fraud. But we cannot afford to prioritize security over customer experience any longer.  Having a forward-thinking program in place to build secure and user friendly mobile banking will bring rewards to the banking sector.

Multi-factor authentication can be seen as a layer of friction for the user. However, using it smartly can balance both the security and the UX of mobile banking. The use of behavioural biometrics takes multi-factor authentication to a  new level of both security and usability. It uses the natural interactions that users have with their mobile devices to identify patterns of behavior to validate and refine authentication for mobile banking applications. It solves the dual challenge of user authentication fatigue and mobile banking malware.

Making Mobile Banking Secure

The Federal Reserve identified 77% of mobile phones used in the U.S. are smartphones, and the use of mobile banking is set to rise. This picture is likely to be repeated across world geographies. 

Limitations of authentication models for mobile banking apps mean bank CISOs need to approach fraud detection differently. Banks who provide a secure and at the same time frictionless mobile banking experience will be rewarded with happier customers who will spread the word. Having a system of continuous authentication built on smart behavioral biometrics can bridge the gap between usability and security to create frictionless mobile banking experience.

This article originally appeared at: SecuredTouch

Latest blogs

Russell Bennett Fraedom

How banks can strengthen relationships with their SME customers – Five Top Tips

SMEs make up the vast majority of businesses across the UK and with many focused on rapid and dynamic expansion, they present mass growth opportunities for commercial banks. However, to really untap this potential and gain trust and creditability Read more »

Howard Berg Gemalto

Banking and payment predictions for 2019 from Gemalto

The rise of digital identities The meshing of the physical and digital world will bring significant changes to how we think about our identities. In 2019 we’ll see a global shift towards digital identification systems, driven by banks, mobile Read more »

Frederik Mennes Security Competence Center

Open Banking standards and new technologies will bring innovation to financial services

One of the most important trends we’ll see in 2019 is the global adoption of Open Banking, especially in the United Kingdom, the European Union and Asia-Pacific (primarily in Singapore, Hong Kong and Australia). Open Banking allows third-party Read more »

Andrew Davies Fiserv

Managing Risk in the Era of Customer Experience

Delivering an excellent customer experience and managing risk are among financial institutions’ top priorities. Notably, these priorities are solidly linked: as life moves faster and new technologies are introduced to help make our financial lives Read more »

Tony Pepper Egress Software Technologies

Tony Pepper, CEO of Egress Software Technologies comments on Fax machines banned across the NHS

It is difficult to believe that such an outdated and unsecure system is still being used by the NHS when we consider the confidentiality of the information contained within patient records. According to the BBC, as many as 9,000 fax machines were Read more »

Magazine
ALL
Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App