While Americans may not necessarily trust Wall Street, they should be able to to trust mobile applications with their financial information. An overwhelming majority of Americans with a bank account and a smartphone are opting for online banking, rather than the traditional “walk-in”. However, with the convenience of mobile banking, comes its fair share of security risks. A large number of banks bypass some of these risks, many banks limit the functionality of the application to cover account balances, transaction histories, and ATM location. Today, more and more banks are beginning to incorporate P2P functionality, remote deposit capture, and more. With the increased capability of modern banking applications, as a developer, you need to be able to deliver functionality with the promise of security and convenience.
Since downloadable banking applications are fairly new, our understanding of potential threats is still fairly limited. With desktop top based banking sites presenting their own set of threats, developers should also be cognizant of the unique threats posed in the mobile arena. One issue that seems to strike at the hearts of mobile banking customers is that of a malevolent piece of software being downloaded onto their phone. The ease of developing and releasing mobile applications, means that a less than reputable individual may be able to release their own third party banking application, taking advantage of the customer’s inability to distinguish between verified developers.
With banks working tirelessly to bring mobile to finance, the line between innovation and risk is wire thin. Banks, in a move to protect their customers’ information, have begun to sacrifice application functionality in favor of a more secure application. It should be noted that while there is a strong sense of anxiety over the safety of mobile, mobile applications are actually far safer than web-based transactions through a browser.
Security remains a top priority, confirms Alex Sion, VP of financial services at SapientNitro. “It’s absolutely top of mind,” he says. “But sometimes security and the thinking around security is compromising speed and innovation.”
The mobile application provides the user with a direct pathway from the customer to the bank, while there’s likely to be more in the way with mobile-browser based banking. Over a public wireless connection, a session can easily be hacked, with mobile app banking, the interaction is essentially between app to app.