While mobile banking apps are growing quickly in popularity, 68 percent of smartphone owners who have not yet adopted these apps are holding back due to security fears, while only 12 percent believe that the effort of downloading and installing such apps doesn’t justify the convenience, according to Metaforic.
By contrast, only 14 percent of those surveyed said that security concerns were preventing them from using PC-based online banking.
These consumers could be right to worry. Juniper Research finds that Android malware is up more than 3,325 percent, and another study shows 92 percent of the top iPhone apps have been compromised, indicating that the mobile environment is potentially more dangerous than the classic PC environment.
Even with password protection, an app can still potentially be compromised via repackaging, targeted attacks via drive-by downloads, man-in-the-middle attacks, keyloggers, and more. In addition, most consumers do not run any extra security processes on their smartphones, such as anti-virus protection.
Even if they do, a recent study shows that these mobile protections catch only 20-80 percent [NCSU-DSC] of such infections, compared to worst case 90 percent protection on the PC [AV-TEST].
“As the convenience of smartphones fuels the surging popularity of mobile banking apps, it’s clear that the average user may not understand the risks involved, and is not taking the security steps needed to protect their mobile devices,” said Dan Stickel, CEO of Metaforic. “Unless mobile apps are immunized against unwanted modifications, both users and banks face potentially staggering financial risks. It’s just a matter of time until a major breach occurs.”
In fact, Gartner has now reported the first publicly announced banking app losses, and it seems likely that compromises will rise along with the popularity and capabilities of these mobile apps. In June, McAfee reported $78M+ stolen via automated back-end servers targeting people’s online accounts and this is just the tip of the iceberg.