Authored by Ayelet Avni.

End users will always make mistakes; this the nature of being human. So let’s admit it: We are the weakest link when it comes to security. We do not always pay attention to the details — we just want to get it done and move on to the next thing.

To Err Is Human

These days, especially in the realm of mobile, we do things on the go. Sometimes we even do the important things, like listening to our children or talking to our spouse, while simultaneously doing something else. And increasingly, that something else is using mobile devices.

By doing multiple tasks at once and paying even less attention than normal, it becomes even easier to make a mistake. That could be clicking a link in an email without verifying the exact address or mindlessly entering your banking credentials on a mobile app that might not be authentic.

This lack of concentration creates a valuable — and dangerous — opportunity for fraudsters.

It is well-known that today’s cybercriminals leverage advanced technologies and have access to collaborative communities. Combine this with a victim’s unintentional mindlessness and the fraudsters basically have an open door to your data and money.

Mobile Fraud Is Escalating

Fraud attacks are creative and well-planned, and fraudsters learn quickly how to turn their targets into victims. For example, if a phishing campaign looks too obvious, then it may only fool audiences that aren’t security-literate. More informed targets require a more sophisticated campaign.

In the mobile arena, fraud attacks must be equally well-designed and provide an excellent user experience since customers are sensitive to design issues. In these cases, even a security-oriented audience may be tricked and believe that the bank is the one that asking them to reauthenticate as part of the app journey.

Fighting human nature and rejecting technology are both fruitless pursuits. Instead, the solution is to make sure banks and financial institutions implement the proper protections for online and mobile banking customers. If the user is the weakest link, it follows naturally that endpoint protection should be strong — stopping fraud at the very first stage.

Having protection on the mobile device for online banking is not a question of advantage or a great differentiator; it is essential. The trends that we see emerging and the speed at which mobile banking fraud is evolving should be a signal to us all.

Read the white paper: Accelerating growth and digital adoption with seamless identity trust

more from Banking & Finance

What Do Financial Institutions Need to Know About the SEC’s Proposed Cybersecurity Rules?

On March 9, the U.S. Securities and Exchange Commission (SEC) announced a new set of proposed rules for cybersecurity risk management, strategy and incident disclosure for public companies. One intent of the rule changes is to provide “consistent, comparable and decision-useful” information to investors. Not yet adopted, these new rules – published in the Federal Register on March 23 –…

SEC Proposes New Cybersecurity Rules for Financial Services

Proposed new policies from the Securities and Exchange Commission (SEC) could spell changes for how financial services firms handle cybersecurity. On Feb. 9, the SEC voted to propose cybersecurity risk management policies for registered investment advisers, registered investment companies and business development companies (funds). Next, the proposal will go through a public comment period until May 9.  The Importance of…