Improving transaction security for financial institutions
Mobile technology is changing the way we conduct financial transactions. With more and more consumers relying on mobile technology to perform everyday activities, the mobile channel now represents nearly two out of three (65%) of all transactions for financial institutions.
Data from the ThreatMetrix Global Trust Intelligence Network shows that for financial institutions, mobile app transactions provide the highest level of security for banks and consumers. But that doesn’t mean that mobile apps are threat-proof—financial institutions need to do more to secure apps and mobile-based transactions from the dangers posed by increasingly sophisticated cyber thugs.
The mobile threat to financial institutions
Mobile banking is appealing because it is convenient, enabling time-strapped consumers to perform a wide range of on-the-go financial transactions. Yet, there is a perception among providers that mobile increases the potential for fraud. According to a recent industry study, approximately one in three merchants surveyed believe that mobile is “somewhat riskier” than standard web commerce.
In fact, the prevalence of spoofing, malware and other threats actually do present several unique security challenges that online retailers and financial institutions need to address:
Mobile Usability. Today’s consumers demand feature-rich mobile experiences. In response to consumer demand, financial institutions often sacrifice robust back-end security features for improved usability.
Browsers. Unfortunately, most mobile browsers don’t provide the same level of security as their desktop counterparts. Why? Because in many instances, mobile browsers simply don’t allow for the scope and accuracy of information that banks rely on to provide robust cybersecurity.
Security Features. Mobile banking transactions tend to have fewer fraud prevention features than desktop transactions. Traditional OOB (Out-of-Band) authentication features don’t work on mobile, and mobile and non-mobile transactions are often not scored uniformly.
Across the board, financial institutions need to do more to improve security. Although there are several security strategies banks should pursue, one of the best strategies involves a mobile resource that is already familiar to most consumers: mobile apps.
Leveraging mobile apps for improved cybersecurity
Mobile apps offer a variety of benefits to both consumers and financial institutions. A carefully designed app can be tailored to provide consumers unique and seamless mobile banking experiences, while giving banks greater control over the security of transactions.
According to the Federal Reserve Board, 51 percent of smartphone users have used a mobile device to conduct banking activities within the past 12 months. Additionally, more than half of all mobile banking users have installed banking applications on their devices and use them to perform financial transactions.
From a security standpoint, the increased use of mobile apps for financial transactions is a positive development. However, financial institutions can further mitigate the risk of fraud by incorporating a few, simple guidelines into their mobile security strategies and app development agendas.
Improved Back-end Processes. The pressure to rapidly release new or improved mobile apps into the marketplace can be intense. But financial institutions’ first priority should always be the inclusion of robust back-end processes and security features—even if it means delaying app release dates.
More Focus on Security. Financial institutions should never force themselves to choose between security and usability. In today’s mobile environment, banks need to reorient their philosophies, making both security and usability top-level priorities in their mobile strategies.
User Education. Many mobile security threats can be avoided through basic device security practices. By educating users about the importance of mobile anti-virus/malware solutions and the dangers of giving untrusted individuals access to devices, financial institutions can significantly reduce incidents of fraudulent activity.
The popularity of mobile transactions makes the mobile channel an attractive target for cyber criminals. By implementing better mobile security practices now, banks and financial institutions can significantly reduce risk and create a security environment that generates business advantage.