15 December 2017
visit www.solutions.lexisnexis.com

Human fallibility deemed weakest link in mobile banking security

09 November 2016  |  4890 views  |  0 Source: Mobey Forum

Human fallibility is now one of the biggest risks that banks and financial institutions must manage in mobile financial services (MFS), according to a new report from the Risk Mitigation Workgroup of global industry association Mobey Forum, released today.

The Risk Review: Mobey Forum’s Guide to Risk Management in Mobile Financial Services contends that, in addition to device and software vulnerabilities, banks must pay particularly close attention to the high risks associated with the criminal targeting of end-users, through social engineering and phishing, for example, together with fraudulent impersonation of customers during the enrollment and installation of new apps and services.

Ron van Wezel, Senior Analyst at Aite Group and Co-Chair of the Risk Mitigation Workgroup at Mobey Forum, comments: “Today’s banks and financial institutions need to develop applications for multiple operating systems and many flavours of mobile device, so it can be easy for them to be distracted by the vulnerabilities of the technologies themselves. If they are to implement proper risk mitigation measures, however, it is vitally important that they also acquire specialist knowledge of the user-oriented threats which are now commonplace in mobile fraud. Our report offers a framework for banks to consult when conducting their own risk analyses.”

The Risk Review identifies twelve categories of threats and assigns each a ‘risk level’, based upon its likelihood of occurrence and its anticipated impact. The report then details appropriate mitigation measures that banks can implement before mapping these measures by stakeholder group, enabling banks to quickly identify required action points within their own organisations.

“Threats to the mobile device must not be considered in isolation,” adds Philippe Roy, IT Security Specialist at Danske Bank and Co-Chair the Risk Mitigation Workgroup at Mobey Forum. “The smart phone is only the ‘user facing component’ of a much wider ecosystem of app stores, services and content providers. This interconnectivity exposes both the mobile device and its applications to increased risks, all of which must be carefully considered by banks before they launch new services.”

“Maintaining the delicate balance between user convenience and security is a fine line for banks to walk,” adds Sirpa Nordlund, Executive Director, Mobey Forum. “To succeed, banks must take a holistic view of risk; one that considers the weaknesses in both the technologies and their customers’ behaviour. As adoption rates increase, device-oriented financial services will diversify, making the risk landscape more convoluted and difficult for banks to navigate. We intend to produce content that will help banks and financial institutions maintain robust security in the digital age and, most importantly, mitigate risk, both for themselves and their customers.”

The Risk Review, the first of two parts, uses a standardised risk management approach to provide financial institutions with an overview of the field. Mobey Forum is now developing a second accompanying report, providing further guidance to financial institutions on mitigation measures and best practices to reduce the risks identified.

Comments: (0)

Comment on this story (membership required)

Related company news

 

Related blogs

Create a blog about this story (membership required)
visit www.thomsonreuters.infovisit www.niceactimize.comvisit www.atos.net

Top topics

Most viewed Most shared
Deutsche Bank paper hails 'huge' blockchain potentialDeutsche Bank paper hails 'huge' blockchai...
10347 views comments | 17 tweets | 25 linkedin
satelliteRipple completes XRP Lockup
9664 views comments | 3 tweets | 2 linkedin
PSD2: Laying the regulatory foundation for a new age in paymentsPSD2: Laying the regulatory foundation for...
9095 views comments | 17 tweets | 36 linkedin
Alior Bank to use Open API platform and accelerator to create fintech marketplaceAlior Bank to use Open API platform and ac...
7670 views comments | 20 tweets | 11 linkedin
Australian Government amends AML rules to cover digital currenciesAustralian Government amends AML rules to...
7291 views comments | 15 tweets | 24 linkedin

Featured job

to £70K base, £105K ote, benefits
London, UK

Find your next job