CUNA
  • Advocacy
    • Priorities we’re fighting for
    • Actions you can take
  • News
  • Learn
  • Compliance
  • Shop
  • Topics
    • Community Service
    • Compliance
    • Credit Union Hero
    • Credit Union Rock Star
    • Credit Union System
    • Directors
    • Human Resources
    • Leadership
    • Lending
    • Marketing
    • Operations
    • Policy & Issues
    • Sales & Service
    • Technology
  • Credit Union Magazine
    • Buyers' Guide
    • COVID-19
    • Digital Edition
    • Credit Union Hero
    • Credit Union Rock Star
    • Subscribe
    • Advertise
    • Contact
  • COVID-19
  • Advertise
  • Awards
    • Nominate Credit Union Hero
    • Nominate Credit Union Rock Star
  • Podcasts
  • Videos
  • Contact
Learn More about Member Value

News

Member Benefits
Learn more
Learn more about the benefits of membership.
Home » Mobile banking: 4 risks to watch
Technology Operations

Mobile banking: 4 risks to watch

Education is a key factor in securing members’ financial data.

June 12, 2018
Ken Otsuka
No Comments
Mobile banking: 4 risks to watch

Nearly two-thirds of consumers use a mobile device to conduct banking transactions, according to Mobile Ecosystem Forum’s 2017 Mobile Money Report [PDF].

Mobile banking is a “must have” service for credit unions seeking to remain competitive and keep member satisfaction levels high. However, credit unions need to be aware of the risks associated with mobile banking and know how to address them.

Here are four of the top risks associated with mobile banking:

1. Mobile malware

Smartphones are nothing more than compact computers with an operating system and software. Just like with personal computers, smartphone users frequently are targeted by malware.

Mobile malware (e.g., banking Trojans) is designed to steal login credentials or hijack mobile banking sessions in “man-in-the-middle” attacks. This type of malware is spread by Phishing and SMiShing (SMS text message phishing) scams.

2. Phishing & SMiShing

Phishing attacks, typically carried out via email, have been a common way for cyber criminals to spread malware. But mobile banking users are also at risk to mobile malware infections via SMiShing attacks.

Mobile device users may trust SMS text messages more than email, and therefore may be more likely to click on links to malicious websites.

Educate members about the dangers that malware spread via phishing and SMiShing pose to their mobile devices and their finances.

3. Mobile banking apps

Using a dedicated mobile banking app tends to be safer for members than using a mobile web browser to log in to their accounts. This is because apps use secure coding techniques that may limit a cyber criminal’s ability to intercept and control a mobile banking session.

However, malware-laden, fake mobile banking apps designed to steal login credentials have been an ongoing problem for credit unions and their members. Warn members to only download mobile banking applications from trusted sources.

4. Unpredictable user behavior

Member behavior can present a challenge for credit unions. Many members have adopted safe banking practices on their home computers, such as not opening email attachments received from unknown sources and using antivirus software.

However, members may view their mobile devices as phones rather than computers capable of initiating financial transactions. Therefore, educating members on the importance of securing their mobile devices is critical.

A strong multifactor authentication method is essential for credit unions that allow members to initiate transfers to third parties via their mobile banking platforms.

While credit unions can use the mobile device itself as an authentication method, a device’s “fingerprint” shouldn’t be the only method you use since many devices, such as iPhones, have the same fingerprint.

Instead, consider using biometric authentication—a growing trend that uses fingerprint, retinal scan, and facial identification—to achieve strong authentication.

Keep in mind, multifactor authentication alone is not sufficient to protect member accounts. Credit unions should take a layered security approach to ensure other controls are in place to help stop potential fraud if one method is defeated.

Education is another key factor in securing members’ financial data. Use member-facing channels, such as email, social media, webinars, forums, etc., to make sure members understand and are prepared to avoid the risks involved with using their mobile devices.

KEN OTSUKA is a senior risk management consultant at CUNA Mutual Group.

KEYWORDS credit union mobile banking risks phishing SMiShing

Post a comment to this article

Report Abusive Comment

Credit Union Magazine - Winter 2020

Winter 2020

Credit Union Magazine’s Winter 2020 edition features CUNA’s 2021 lending outlook, CEO insights on adjusting to the pandemic, and board recruitment strategies.
Digital Edition •  Subscribe

Trending

  • NCUA proposes raising threshold for ‘complex’ CUs

  • Compliance: 2020 Year in Review, Checklist now available

  • NCUA’s 2021 supervisory priorities reflect COVID effects

Tweets by CUNA_News

Polls

Will you ask employees to receive the coronavirus vaccine?

View Results
More

Champion of America’s Credit Unions

Credit Union National Association is the only national association that advocates on behalf of all of America’s credit unions. We work tirelessly to protect your best interests in Washington and all 50 states. We fuel your professional growth at every level and champion the credit union story at every turn.

More CUNA

  • About
  • Careers
  • Contact Us
  • Recommended Websites
  • Privacy Policy

Resources for

  • CUNA Board Members
  • Credit Union Advocates
  • Leagues
  • Press
  • Vendors