Improving transaction security for financial institutions
by Andreas Baumhof - CTO at ThreatMetrix - Monday, 23 June 2014.
Mobile technology is changing the way we conduct financial transactions. With more and more consumers relying on mobile technology to perform everyday activities, the mobile channel now represents nearly two out of three (65%) of all transactions for financial institutions.

Data from the ThreatMetrix Global Trust Intelligence Network shows that for financial institutions, mobile app transactions provide the highest level of security for banks and consumers. But that doesn’t mean that mobile apps are threat-proof—financial institutions need to do more to secure apps and mobile-based transactions from the dangers posed by increasingly sophisticated cyber thugs.

The mobile threat to financial institutions

Mobile banking is appealing because it is convenient, enabling time-strapped consumers to perform a wide range of on-the-go financial transactions. Yet, there is a perception among providers that mobile increases the potential for fraud. According to a recent industry study, approximately one in three merchants surveyed believe that mobile is “somewhat riskier” than standard web commerce.

In fact, the prevalence of spoofing, malware and other threats actually do present several unique security challenges that online retailers and financial institutions need to address:

Mobile Usability. Today’s consumers demand feature-rich mobile experiences. In response to consumer demand, financial institutions often sacrifice robust back-end security features for improved usability.

Browsers. Unfortunately, most mobile browsers don’t provide the same level of security as their desktop counterparts. Why? Because in many instances, mobile browsers simply don’t allow for the scope and accuracy of information that banks rely on to provide robust cybersecurity.

Security Features. Mobile banking transactions tend to have fewer fraud prevention features than desktop transactions. Traditional OOB (Out-of-Band) authentication features don’t work on mobile, and mobile and non-mobile transactions are often not scored uniformly.

Across the board, financial institutions need to do more to improve security. Although there are several security strategies banks should pursue, one of the best strategies involves a mobile resource that is already familiar to most consumers: mobile apps.

Leveraging mobile apps for improved cybersecurity

Mobile apps offer a variety of benefits to both consumers and financial institutions. A carefully designed app can be tailored to provide consumers unique and seamless mobile banking experiences, while giving banks greater control over the security of transactions.

According to the Federal Reserve Board, 51 percent of smartphone users have used a mobile device to conduct banking activities within the past 12 months. Additionally, more than half of all mobile banking users have installed banking applications on their devices and use them to perform financial transactions.

From a security standpoint, the increased use of mobile apps for financial transactions is a positive development. However, financial institutions can further mitigate the risk of fraud by incorporating a few, simple guidelines into their mobile security strategies and app development agendas.

Improved Back-end Processes. The pressure to rapidly release new or improved mobile apps into the marketplace can be intense. But financial institutions’ first priority should always be the inclusion of robust back-end processes and security features—even if it means delaying app release dates.

Spotlight

The context-aware security lifecycle and the cloud

Posted on 25 November 2014.  |  Ofer Wolf, CEO at Sentrix, explains the role of the context-aware security lifecycle and illustrates how the cloud is shaping the modern security architecture.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Nov 26th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //