19 October 2017
Find out more

Human fallibility deemed weakest link in mobile banking security

09 November 2016  |  4794 views  |  0 Source: Mobey Forum

Human fallibility is now one of the biggest risks that banks and financial institutions must manage in mobile financial services (MFS), according to a new report from the Risk Mitigation Workgroup of global industry association Mobey Forum, released today.

The Risk Review: Mobey Forum’s Guide to Risk Management in Mobile Financial Services contends that, in addition to device and software vulnerabilities, banks must pay particularly close attention to the high risks associated with the criminal targeting of end-users, through social engineering and phishing, for example, together with fraudulent impersonation of customers during the enrollment and installation of new apps and services.

Ron van Wezel, Senior Analyst at Aite Group and Co-Chair of the Risk Mitigation Workgroup at Mobey Forum, comments: “Today’s banks and financial institutions need to develop applications for multiple operating systems and many flavours of mobile device, so it can be easy for them to be distracted by the vulnerabilities of the technologies themselves. If they are to implement proper risk mitigation measures, however, it is vitally important that they also acquire specialist knowledge of the user-oriented threats which are now commonplace in mobile fraud. Our report offers a framework for banks to consult when conducting their own risk analyses.”

The Risk Review identifies twelve categories of threats and assigns each a ‘risk level’, based upon its likelihood of occurrence and its anticipated impact. The report then details appropriate mitigation measures that banks can implement before mapping these measures by stakeholder group, enabling banks to quickly identify required action points within their own organisations.

“Threats to the mobile device must not be considered in isolation,” adds Philippe Roy, IT Security Specialist at Danske Bank and Co-Chair the Risk Mitigation Workgroup at Mobey Forum. “The smart phone is only the ‘user facing component’ of a much wider ecosystem of app stores, services and content providers. This interconnectivity exposes both the mobile device and its applications to increased risks, all of which must be carefully considered by banks before they launch new services.”

“Maintaining the delicate balance between user convenience and security is a fine line for banks to walk,” adds Sirpa Nordlund, Executive Director, Mobey Forum. “To succeed, banks must take a holistic view of risk; one that considers the weaknesses in both the technologies and their customers’ behaviour. As adoption rates increase, device-oriented financial services will diversify, making the risk landscape more convoluted and difficult for banks to navigate. We intend to produce content that will help banks and financial institutions maintain robust security in the digital age and, most importantly, mitigate risk, both for themselves and their customers.”

The Risk Review, the first of two parts, uses a standardised risk management approach to provide financial institutions with an overview of the field. Mobey Forum is now developing a second accompanying report, providing further guidance to financial institutions on mitigation measures and best practices to reduce the risks identified.

Comments: (0)

Comment on this story (membership required)

Related company news

 

Related blogs

Create a blog about this story (membership required)
Register nowvisit www.capgemini.com

Top topics

Most viewed Most shared
Ripple looks to drive bank adoption with $300m XRP rebate programmeRipple looks to drive bank adoption with $...
15607 views comments | 12 tweets | 4 linkedin
Swift positive on blockchain, but big challenges remainSwift positive on blockchain, but big chal...
8778 views comments | 16 tweets | 22 linkedin
hands typing furiouslyHow artificial intelligence can deliver a...
8430 views 0 | 8 tweets | 10 linkedin
satelliteGates Foundation backs Ripple collaboratio...
7873 views comments | 13 tweets | 10 linkedin
IBM uses blockchain to improve cross-border payments processingIBM uses blockchain to improve cross-borde...
7019 views comments | 9 tweets | 17 linkedin

Featured job

Competitive base + commission + benefits
New York City, NY - USA

Find your next job