There's been recent news discussing the vulnerabilities of wireless apps for the banking industry and how they could impact users. As the number of Americans regularly using mobile banking services continues to grow, security concerns will grow along with them.
The challenges for banks to consider are all of the potential vulnerabilities in their implementation to better mitigate risks effectively while managing the delicate balance between extra layers of security vs. user experience.
Here are a few recommendations we suggest bank and financial institutions may want to consider:
- Deploy strong or two-factor authentication that goes beyond the traditional username and password. If username and password are compromised, the fraudster still needs the second factor to gain access to an account. With our VIP mobile SDK, banks can enable a silent user experience for a second factor of authentication allowing greater security without negative impact to usability.
- Implement fraud detection and transaction monitoring. If a hacker passes the front door, real-time fraud detection services can automatically detect novel attacks by recognizing abnormal behaviors in user behavior to help recognize an attack.
- Avoid storing sensitive personal information on mobile devices which can easily be retrieved. For any information that a bank may require users to store on their mobile devices, banks should leverage platform secure storage with various encrypted and obfuscated techniques.
To find out more about the solutions that can help protect your bank and customers, check out these resources:
There is no silver bullet security solution or service that will protect everyone from everything. However, banks and other financial institutions should always consider a layered approach to protect themselves and their customers.