Rethink Your Mobile Banking Risk

CUs and members need a better grasp on the risks involved with mobile devices.

December 12, 2011

While there’s no question that mobile banking has the capability to be a key component to attracting and retaining members, credit unions and their members need to better understand the risks this increasingly popular service presents.

Smart phone sales capable of supporting most online banking applications are growing at an unprecedented rate. According to a Nielsen Company report, approximately half of all mobile devices sold in the U.S. in 2010 were smart phones.

It’s also estimated that by the end of 2011, there will be more active smart phones than feature phones, and roughly one-third of these users will access mobile banking applications with an iPhone or Android device.

Some of the research on mobile banking in the credit union space suggests that complacency to the risks of this service might be more widespread than originally thought.

According to AVG survey results reported in IT World, 89% of mobile banking users didn’t understand that smart phones can transmit personal information. Ninety-one percent of the same group said they weren’t aware that malware exists that’s designed specifically to steal information.

McAfee reported earlier this year that the number of pieces of new mobile malware in 2010 increased 46% compared with 2009. The report also uncovered 20 million new pieces of mobile malware in 2010, equating to nearly 55,000 new malware threats every day.

One particular concern is the Gemini Trojan virus that targets mobile devices with Android operating systems. When you couple McAfee’s findings with the AVG survey that found 29% of poll respondents admitted to storing credit and debit card information on their phones, it’s clear that more education and awareness is needed for members who use this service.

While most members understand the need for security on desktops, laptops, and home PCs, many don’t perceive the need for increased protection for mobile devices.

To help your credit union better manage the risks of mobile banking, remind your members to:

  • Password-protect all mobile devices;
  • Download online banking applications from trusted sources only;
  • Avoid storing usernames and passwords on mobile phones;
  • Refrain from enabling the “install from unknown sources” feature on Android devices;
  • Install antivirus software their mobile devices;
  • Check account activity frequently and notify the credit union of any unauthorized activity immediately; and
  • Adopt safe practices modeled after those for personal computers, such as not opening attachments or clicking on links in e-mails received from unknown sources.

Mobile banking is an innovative service that will help meet emerging member service demands. As with any new offering, credit unions must balance risk with reward and conduct careful due diligence.

BRAD MUNDINE is senior manager, Credit Union Protection Risk Management, for CUNA Mutual Group. Contact him at 800.356.2644, ext. 5100.