Over 50 percent of consumers use mobile banking apps. With millions of transactions occurring between consumers and companies each day, hackers are finding more and more ways to steal this sensitive data. In fact, 70% of Apple iOS paid financial apps have been hacked and 95% of Android paid financial apps have been hacked. This type of vulnerability calls for increased security from banks in order to protect their firm and their depositors. Consumers will not switch en masse to mobile banking unless security issues are satisfactorily resolved. There are several important threats for financial institutions to consider.
The most common problem with mobile devices that affect device security is malware infections. Malware infections include worms and spyware that create pop ups and unwanted ads. In addition, these infections can send the GPS signal of the device to a third party location, which can be used for harmful purposes. Malware typically interrupts the smooth processing of the device, but malware can also cause consumers to unknowingly download apps that collect their personal information and data. Creating secure banking apps can help combat threats from compromised devices.
Account Takeover and Rogue Apps
More serious threats include account takeover and rogue apps. Consumers and financial institutions need serious mobile application protection to prevent these types of threats. If the consumer accidentally downloads a malicious app, their device may be completely taken over. The app may send all of the consumer’s passwords to the hacker on a third party site so they can enter the account and transfer funds. Even more worrisome, the device may be completely taken over by the hacker so that the consumer cannot even access or eliminate the virus. Financial institutions must have a plan in place to harden the app to protect the confidentiality of the code and prevent device takeover.
Overall, hackers will continue to become more and more sophisticated at attacking devices both on the front-end and the back end servers. Financial institutions must be wary of these techniques to infiltrate apps and continuously upgrade software for this purpose.
Courtesy Shane Owens, Community Manager at Arxan Technologies – Arxan.com