The use of mobile devices is at an all-time high. According to a KPCB report, mobile digital media is now outpacing desktop usage. The report stated that adults with access to digital media use mobile 51 percent of the time compared to 42 percent for desktop usage and 7 percent for all other devices.

These statistics are far from shocking. Walk into a bustling restaurant during lunch hour and you will see mobile devices in the hands of businesspeople, students, children, parents and even retirees. The message is loud and clear: You must be able to reach your consumers via mobile devices.

Financial institutions seeking to remain competitive and keep customer satisfaction high must offer mobile access to their customer base. According to Community Banking Connections, “Many community banks recognize the value of mobile banking — it provides them with avenues and opportunities to reach geographically remote or rural markets, to focus on new markets, to innovate, to overcome infrastructure limitations and improve efficiency, to access payment systems or even simply to retain market share.”

Worried about mobile security? You should be. Read the white paper to learn more

The Major Mobile Banking Risks

With all this opportunity comes risk. Financial institutions must assume the risk associated with mobile banking. These risks come in many forms, including malware, corrupt apps, flawed authentication, lost or stolen devices and more.

Mobile Malware

Mobile devices have evolved from telephones to pocket-sized computers. Mobile users must recognize this and protect them in the same way they would their PC. Malware specifically targeting mobile devices has become a very real and prominent threat. Mobile malware can consist of viruses, Trojans, spyware, malvertising and rootkits.


Poor App Design, Configuration or Corrupt Apps

Using mobile apps for banking tends to be safer than logging in via your mobile browser. However, every mobile platform has unique characteristics that these apps must prepare for. Developers may not fully understand the risks associated with mobile banking and accidentally leave vulnerabilities open for fraudsters to exploit as a result.

Third-party apps open users up to a multitude of risks since these programs may leverage credentials from other applications — even if these apps have weaker security in place. For example, a shopping app could leverage your banking login information (username and password) to access your bank’s services to facilitate a transaction.

Unsecure Wi-Fi Networks

Free Wi-Fi is a coveted luxury for mobile device users. It can be found in restaurants, coffee shops, airports and many other public places. But when accessing free Wi-Fi, it is important to understand that the activity you are conducting may be visible to someone else.

Hotspots may be spoofed by fraudsters. For example, your local coffee shop’s network may be called FreeCoffee. A fraudster my set up Wi-Fi at or near that location called FreeCoffee1 to trick you into using that network.

According to the Financial Consumer Agency of Canada, “When using public Wi-Fi hotspots, you could also expose yourself to packet sniffers. Thieves using packet sniffers want your banking details and your personal information, such as your name, address or phone number. These personal details may be harmless on their own, but once they are combined, you can be at a higher risk for fraud.”

Mobile Device ID Vulnerabilities

Many financial institutions work to gather the device fingerprint for each mobile unit the customer uses. This involves collecting information about the device, which is then stored in a system to identify the true customer from a potential fraudster. However, fraudsters are a dynamic bunch of bad actors and have developed ways of fooling device fingerprinting methods.

Remote Deposit Capture Fraud

Check fraud is not a new issue. In fact, it remains one of the biggest types of fraud within a financial institution.

Remote deposit capture allows for users to snap a picture on their mobile device and deposit a check. While financial institutions have put rigid customer agreements and monitoring of this technology in place, fraudsters have found flaws in the system. For example, they have found ways to access the remote-deposit database, copied the images of thousands of checks and provided those reproduced checks to money mules to be moved out of the financial system.

Analyst Thoughts

An IBM study found 58 percent of security experts at financial institutions ranked mobile concerns as a risk indicator inhibiting their organization’s full deployment of a mobile security strategy. However, there are steps financial institutions and other consumer organizations can take to reduce their mobile fraud risks.

Organizations must better align their new-to-market technology teams with their security teams. Competition to introduce the latest and greatest thing to market will always be high, and organizations tend to fear that security teams will greatly slow down their go-to-market plans. By connecting these key players early in the development process, many risks can be identified in correlation to the creation.

Organizations must adopt mobile malware detection and technology solutions. Having the right tools in place to stop threats is key to safeguarding consumers and financial institutions alike. Take First Data Corporation as an example: It is one of the largest payment processing organizations in the world, working with about 6 million businesses and 4,000 financial institutions worldwide. It takes its security practices very seriously and works to identify best-in-industry business processes and solutions. It believes in taking a holistic approach to security, compliance and risk management.

To do this, it tracks mobile device usage and use analysis to determine whether to allow access to the consumer’s banking information. First Data Corporation proactively manages threats to ensure safety, but with no interruption to the consumer’s process.

Advancements in mobile technology allow people to do a number of things. They can attain information and resources from their organization from any location to enhance business product ability. They can pay bills, purchase clothing, talk to family and friends, check social media and much more.

New technology has the ability to increase productivity and profits. With these benefits come risks — and it is important to get in front of them before they strike!

Mobile security isn’t just about mobile fraud. Read the white paper to learn more

More from Banking & Finance

Cost of a Data Breach: Banking and Finance

The importance of cybersecurity has touched almost every industry. Beyond that, robust cybersecurity is table stakes for several sectors, particularly health care and the banking and finance industry. Not only is financial data at risk, but so is customer trust. In banking and finance, trust means everything. Yet, consumers are hesitant to share their confidential data. A recent McKinsey survey revealed that no industry achieved a trust rating of 50% for data protection. Here’s the most sobering stat: 87% of…

What Do Financial Institutions Need to Know About the SEC’s Proposed Cybersecurity Rules?

On March 9, the U.S. Securities and Exchange Commission (SEC) announced a new set of proposed rules for cybersecurity risk management, strategy and incident disclosure for public companies. One intent of the rule changes is to provide “consistent, comparable and decision-useful” information to investors. Not yet adopted, these new rules – published in the Federal Register on March 23 – could change reporting requirements. Take a look at some of the big-ticket items and what your organization needs to know.…

SEC Proposes New Cybersecurity Rules for Financial Services

Proposed new policies from the Securities and Exchange Commission (SEC) could spell changes for how financial services firms handle cybersecurity. On Feb. 9, the SEC voted to propose cybersecurity risk management policies for registered investment advisers, registered investment companies and business development companies (funds). Next, the proposal will go through a public comment period until May 9.  The Importance of Cybersecurity in Finance The 2021 X-Force Threat Index found that financial services were the most targeted industry. Manufacturing beat out…

Top Security Concerns When Accepting Crypto Payment

From Microsoft to AT&T to Home Depot, more companies are accepting cryptocurrency as a way to pay for products and services. This makes perfect sense as crypto coins are a viable revenue source. Perhaps the time is ripe for businesses to learn how to receive, process and convert crypto payments into fiat currency. Still, many questions remain. How can you safely enable customers to pay with Bitcoin or other digital currency? What are the security risks that come with cryptocurrency? Let’s…