The use of mobile devices is at an all-time high. According to a KPCB report, mobile digital media is now outpacing desktop usage. The report stated that adults with access to digital media use mobile 51 percent of the time compared to 42 percent for desktop usage and 7 percent for all other devices.

These statistics are far from shocking. Walk into a bustling restaurant during lunch hour and you will see mobile devices in the hands of businesspeople, students, children, parents and even retirees. The message is loud and clear: You must be able to reach your consumers via mobile devices.

Financial institutions seeking to remain competitive and keep customer satisfaction high must offer mobile access to their customer base. According to Community Banking Connections, “Many community banks recognize the value of mobile banking — it provides them with avenues and opportunities to reach geographically remote or rural markets, to focus on new markets, to innovate, to overcome infrastructure limitations and improve efficiency, to access payment systems or even simply to retain market share.”

Worried about mobile security? You should be. Read the white paper to learn more

The Major Mobile Banking Risks

With all this opportunity comes risk. Financial institutions must assume the risk associated with mobile banking. These risks come in many forms, including malware, corrupt apps, flawed authentication, lost or stolen devices and more.

Mobile Malware

Mobile devices have evolved from telephones to pocket-sized computers. Mobile users must recognize this and protect them in the same way they would their PC. Malware specifically targeting mobile devices has become a very real and prominent threat. Mobile malware can consist of viruses, Trojans, spyware, malvertising and rootkits.


Poor App Design, Configuration or Corrupt Apps

Using mobile apps for banking tends to be safer than logging in via your mobile browser. However, every mobile platform has unique characteristics that these apps must prepare for. Developers may not fully understand the risks associated with mobile banking and accidentally leave vulnerabilities open for fraudsters to exploit as a result.

Third-party apps open users up to a multitude of risks since these programs may leverage credentials from other applications — even if these apps have weaker security in place. For example, a shopping app could leverage your banking login information (username and password) to access your bank’s services to facilitate a transaction.

Unsecure Wi-Fi Networks

Free Wi-Fi is a coveted luxury for mobile device users. It can be found in restaurants, coffee shops, airports and many other public places. But when accessing free Wi-Fi, it is important to understand that the activity you are conducting may be visible to someone else.

Hotspots may be spoofed by fraudsters. For example, your local coffee shop’s network may be called FreeCoffee. A fraudster my set up Wi-Fi at or near that location called FreeCoffee1 to trick you into using that network.

According to the Financial Consumer Agency of Canada, “When using public Wi-Fi hotspots, you could also expose yourself to packet sniffers. Thieves using packet sniffers want your banking details and your personal information, such as your name, address or phone number. These personal details may be harmless on their own, but once they are combined, you can be at a higher risk for fraud.”

Mobile Device ID Vulnerabilities

Many financial institutions work to gather the device fingerprint for each mobile unit the customer uses. This involves collecting information about the device, which is then stored in a system to identify the true customer from a potential fraudster. However, fraudsters are a dynamic bunch of bad actors and have developed ways of fooling device fingerprinting methods.

Remote Deposit Capture Fraud

Check fraud is not a new issue. In fact, it remains one of the biggest types of fraud within a financial institution.

Remote deposit capture allows for users to snap a picture on their mobile device and deposit a check. While financial institutions have put rigid customer agreements and monitoring of this technology in place, fraudsters have found flaws in the system. For example, they have found ways to access the remote-deposit database, copied the images of thousands of checks and provided those reproduced checks to money mules to be moved out of the financial system.

Analyst Thoughts

An IBM study found 58 percent of security experts at financial institutions ranked mobile concerns as a risk indicator inhibiting their organization’s full deployment of a mobile security strategy. However, there are steps financial institutions and other consumer organizations can take to reduce their mobile fraud risks.

Organizations must better align their new-to-market technology teams with their security teams. Competition to introduce the latest and greatest thing to market will always be high, and organizations tend to fear that security teams will greatly slow down their go-to-market plans. By connecting these key players early in the development process, many risks can be identified in correlation to the creation.

Organizations must adopt mobile malware detection and technology solutions. Having the right tools in place to stop threats is key to safeguarding consumers and financial institutions alike. Take First Data Corporation as an example: It is one of the largest payment processing organizations in the world, working with about 6 million businesses and 4,000 financial institutions worldwide. It takes its security practices very seriously and works to identify best-in-industry business processes and solutions. It believes in taking a holistic approach to security, compliance and risk management.

To do this, it tracks mobile device usage and use analysis to determine whether to allow access to the consumer’s banking information. First Data Corporation proactively manages threats to ensure safety, but with no interruption to the consumer’s process.

Advancements in mobile technology allow people to do a number of things. They can attain information and resources from their organization from any location to enhance business product ability. They can pay bills, purchase clothing, talk to family and friends, check social media and much more.

New technology has the ability to increase productivity and profits. With these benefits come risks — and it is important to get in front of them before they strike!

Mobile security isn’t just about mobile fraud. Read the white paper to learn more

More from Banking & Finance

2022 Industry Threat Recap: Finance and Insurance

The finance and insurance sector proved a top target for cybersecurity threats in 2022. The IBM Security X-Force Threat Intelligence Index 2023 found this sector ranked as the second most attacked, with 18.9% of X-Force incident response cases. If, as Shakespeare tells us, past is prologue, this sector will likely remain a target in 2023. Finance and insurance ranked as the most attacked sector from 2016 to 2020, with the manufacturing sector the most attacked in 2021 and 2022. What…

How to Spot a Nefarious Cryptocurrency Platform

Do you ever wonder if your cryptocurrency platform cashes in ransomware payments? Maybe not, but it might be worth investigating. Bitcoin-associated ransomware continues to plague companies, government agencies and individuals with no signs of letting up. And if your platform gets sanctioned, you may instantly lose access to all your funds. What exchanges or platforms do criminals use to cash out or launder ransomware payments? And what implications does this have for people who use exchanges legitimately? Blacklisted Exchanges and Mixers…

Kronos Malware Reemerges with Increased Functionality

The Evolution of Kronos Malware The Kronos malware is believed to have originated from the leaked source code of the Zeus malware, which was sold on the Russian underground in 2011. Kronos continued to evolve and a new variant of Kronos emerged in 2014 and was reportedly sold on the darknet for approximately $7,000. Kronos is typically used to download other malware and has historically been used by threat actors to deliver different types of malware to victims. After remaining…

Why Cybersecurity Risk Assessment Matters in the Banking Industry

When customers put money in a bank, they need to trust it will stay there. Because of the high stakes involved for the customer, such as financial loss, and how long it takes to resolve fraud and potential identity theft, customers are sensitive to the security of the bank as well as fraud prevention measures. Banks that experience high volumes of fraud are likely to lose customers and revenue. The key is to protect customers and their accounts before problems…