Fraud experts are issuing dire new warnings about mobile phone data security. They’re increasingly concerned about the proliferation of new apps using ‘screen scraping’ technology to scan and scrape data from consumers. They say there’s also a very real threat being posed by password aggregation apps which allow various accounts to be accessed with a single password.
Given the number of individual passwords the average consumer has to remember these days, password aggregation apps may seem very attractive, but they can also be dangerous. Analysts are warning consumers and banks to avoid being tempted by convenience at the expense of security.
Experian is urging caution around screen scraping apps. They allow financial information to be quickly and easily consolidated by the banks. Experian’s Albert van Wyk says the risks outweigh the benefits. “The financial services industry has a duty of care to not condone behaviour that makes consumers feel like giving away personal and sensitive information is the right thing to do. Consumers could in fact contravene the obligations they have with their bank and find that they are no longer safeguarded against claims of fraudulent activity on their accounts.”
Albert van Wyk says the onus should not be on the consumer to navigate all the complex fraud scenarios which could emerge. “There’s a risk consumers could download fraudulent screen scraping, or password aggregation apps by mistake, thereby giving direct account access to a fraudster.” Even if they download the correct app, he points to the risk of malware attachments on these apps that could send data to unauthorised users.
In several other major overseas markets, banks and financial institutions are moving away from screen scraping and password aggregation apps. Instead they’re looking at systems which allow banks – with the consumer’s permission – to share and confirm statement information directly between one another using secure technology
The need for consumer caution is heightened in Australia because Australians are among the world’s fastest adopters of mobile banking. The advice is to use different passwords across all your accounts; never store or send account information on SMS or email; avoid banking while on public networks like Wi-Fi; only use official bank apps and always protect your mobile device with a passcode.
Source: Experian Plc