Consumer Affairs: Professor Elizabeth Baker says Smartphone Banking Security is Lacking
How Secure is Mobile Banking?
It has the potential to be very secure, report finds
Reposted from Consumer Affairs | By Mark Huffman
The Internet continues to become mobile, meaning in the future even more consumers will use their smartphones and tablets for online banking. Most banks have already rolled out mobile apps and are encouraging customers to use them.
But how secure are they? A new report from Reportlinker.com suggests mobile banking is fairly secure for now. Its Mobile Banking Security Insight Report suggests the financial services industry will continue to benefit from the immediacy that smart mobile devices (SMDs) offer but there are significant risks that must be counteracted before consumers are confident in accepting them.
Banks like mobile banking because it’s good business. Mobile customers are generally young and affluent. In other words, the same people who want the latest gadgets – smartphones and tablets – are the very people the banks want as customers.
Risks
But what are the risks?
“Anyone who has access to your cell phone has access to your identity in a few clicks,” said Elizabeth Baker, an assistant professor at Wake Forest University and an expert in information system security issues. “Often, credit card companies limit your financial responsibility if your card is stolen and fraud is committed. This is not true for your checking and savings bank accounts. Money fraudulently withdrawn can be costly.”
The new report acknowledges this growing risk. It notes that while the current level of risk is probably still lower than using online banking on your PC, criminals are quickly turning their attention to the mobile platform as more consumers start using mobile devices.
“As the mobile device becomes the number one screen for our daily lives it conversely becomes an increased target for malicious activity,” the report finds. “Mobile devices are increasingly being attacked.”
Potential
But the report, compiled by Goode Intelligence, says the mobile banking platform has the potential to be much more secure than your desktop. That’s because it can also be used as a security token.
If a consumer registers a specific phone to the bank account the authentication process can be simplified for the user who merely has to enter a private PIN or passcode to prove they are in possession of the registered phone.
At the same time, the report says smart phones have the potential to offer stronger authentication. Geolocation, voice recognition, built-in cameras and fingerprint readers could all be used, if required, to offer additional layers of security when authenticating users.
Seamless security
The report suggests this could all be done seamlessly, so that mobile banking is both secure and convenient for the consumer.
Most importantly, all these extra measures could be added without spoiling the user experience. It means that mobile banking can offer better security and better user convenience at the same time.
To reach that level of security, however, it says banks should create an encrypted communication channel between user and bank. It should then create a security protocol that only allows the registered phone to access the account and ensures that the person using the phone is the registered customer.
That security layer is currently lacking. Experts like Baker worry that smartphone users currently are not taking enough steps to secure their phones with password protections, in the event they are lost or stolen.