As customer use of mobile banking increases, so do hacking attempts to breach banking security systems that’re set to protect mobile applications. Retail banks in particular, need to evaluate their current mobile security measures and carefully choose a platform that provides added layers of protection.
According to the Federal Reserve’s mobile banking survey of consumers for 2016, 53 percent of all smartphone users had used mobile banking in the previous year, up from 43 percent a year earlier. “With increased dissemination of technology and a broadening array of options, consumer adoption of mobile financial services has risen,” the federal agency said.
But the survey also found that 73 percent of the respondents who did not use mobile banking cited concerns about security systems as the reason for their lack of willingness to use the services.
Mobile Security Threats Increase
Their security concerns were well founded. According to Symantec’s 2017 Threat Assessment, the number of overall mobile malware detections reached 18.4 million in 2016, up from 9 million in 2015. Looking at the larger picture, the firm also said there was a slight decrease in the overall number of malicious mobile app variants detected, with a drop of 8 percent between 2015 and 2016. Among the common types of malware detected included applications that targeted stealing banking information and spreading ransomware.
Symantec said mobile banking malware, which creates an overlay of the currently running application, has been temporarily reduced by continuous software updates. But it noted, ominously, that hackers were looking for workarounds.
HID Global, a US online security firm, said that in addition to those malware concerns, “an ever-evolving cyber threat landscape and the rapidly expanding Internet of Things, means that finding a way of making mobile banking more secure is crucial.”
A Multi-Layered Approach to Security
In addition to stepping up protection on the consumer end of the transaction, banks need to update their banking security systems back ends that recognize and facilitate user requests through mobile devices. Ultimately, financial services firms employ a mobile security platform that offers a multilayered approach utilizing a wide assortment of authentication methods to identify the customer and provide end-to-end protection.
One such mobile security platform is Samsung Knox, which offers defense-grade security by building a hardware-rooted trusted environment. Knox checks the cryptographic signature of each piece of key software, using unmodifiable values built right into the chip of a smartphone. It is designed to separate, isolate, encrypt and protect data from attackers. It also offers management tools and utilities to meet the security needs of a large enterprise such as a bank.
One of the key features is Knox Customization, which enables an enterprise to have extended control of user experience, and what can be seen on each device. This gives a bank or financial services firm the ability to set different levels of access depending on the type of user, such as employee or customer, and different levels of clearance. It also enables another layer of security with geofencing, a virtual perimeter that monitors a location to see if a portable device lies within or outside the permitted area and either applies or revokes specific policies.
“Mobile devices are very secure; too many IT organizations have unjustified fears around mobile security — but there is a class of user that needs more than the very good security that Apple’s iOS and the latest versions of Google’s Android provide,” notes Galen Gruman, executive editor of Infoworld. “For them, Samsung increasingly looks like the new gold standard to replace BlackBerry.”
Stay in tune with the latest digital financial services trends by checking out our complete line of finance technology solutions.