CUNA News
  • LOG IN
  • Create Account
  • Sign Out
  • My Account
  • LOG IN
  • Create Account
  • Sign Out
  • My Account
  • Topics
    • Community Service
    • Compliance
    • Credit Union Hero
    • Credit Union Rock Star
    • Credit Union System
    • Directors
    • Human Resources
    • Leadership
    • Lending
    • Marketing
    • Operations
    • Policy & Issues
    • Sales & Service
    • Technology
  • Credit Union Magazine
    • Buyers' Guide
    • COVID-19
    • Digital Edition
    • Credit Union Hero
    • Credit Union Rock Star
    • Subscribe
    • Advertise
    • Contact
  • Advertise
  • Awards
    • Nominate Credit Union Hero
    • Nominate Credit Union Rock Star
  • Podcasts
  • Videos
  • Jobs
  • Contact

News

Home » Mobile banking: 4 risks to watch
Technology Operations

Mobile banking: 4 risks to watch

Education is a key factor in securing members’ financial data.

June 12, 2018
Ken Otsuka
No Comments
Mobile banking: 4 risks to watch

Nearly two-thirds of consumers use a mobile device to conduct banking transactions, according to Mobile Ecosystem Forum’s 2017 Mobile Money Report [PDF].

Mobile banking is a “must have” service for credit unions seeking to remain competitive and keep member satisfaction levels high. However, credit unions need to be aware of the risks associated with mobile banking and know how to address them.

Here are four of the top risks associated with mobile banking:

1. Mobile malware

Smartphones are nothing more than compact computers with an operating system and software. Just like with personal computers, smartphone users frequently are targeted by malware.

Mobile malware (e.g., banking Trojans) is designed to steal login credentials or hijack mobile banking sessions in “man-in-the-middle” attacks. This type of malware is spread by Phishing and SMiShing (SMS text message phishing) scams.

2. Phishing & SMiShing

Phishing attacks, typically carried out via email, have been a common way for cyber criminals to spread malware. But mobile banking users are also at risk to mobile malware infections via SMiShing attacks.

Mobile device users may trust SMS text messages more than email, and therefore may be more likely to click on links to malicious websites.

Educate members about the dangers that malware spread via phishing and SMiShing pose to their mobile devices and their finances.

3. Mobile banking apps

Using a dedicated mobile banking app tends to be safer for members than using a mobile web browser to log in to their accounts. This is because apps use secure coding techniques that may limit a cyber criminal’s ability to intercept and control a mobile banking session.

However, malware-laden, fake mobile banking apps designed to steal login credentials have been an ongoing problem for credit unions and their members. Warn members to only download mobile banking applications from trusted sources.

4. Unpredictable user behavior

Member behavior can present a challenge for credit unions. Many members have adopted safe banking practices on their home computers, such as not opening email attachments received from unknown sources and using antivirus software.

However, members may view their mobile devices as phones rather than computers capable of initiating financial transactions. Therefore, educating members on the importance of securing their mobile devices is critical.

A strong multifactor authentication method is essential for credit unions that allow members to initiate transfers to third parties via their mobile banking platforms.

While credit unions can use the mobile device itself as an authentication method, a device’s “fingerprint” shouldn’t be the only method you use since many devices, such as iPhones, have the same fingerprint.

Instead, consider using biometric authentication—a growing trend that uses fingerprint, retinal scan, and facial identification—to achieve strong authentication.

Keep in mind, multifactor authentication alone is not sufficient to protect member accounts. Credit unions should take a layered security approach to ensure other controls are in place to help stop potential fraud if one method is defeated.

Education is another key factor in securing members’ financial data. Use member-facing channels, such as email, social media, webinars, forums, etc., to make sure members understand and are prepared to avoid the risks involved with using their mobile devices.

KEN OTSUKA is a senior risk management consultant at CUNA Mutual Group.

KEYWORDS phishing

Post a comment to this article

Report Abusive Comment

Credit Union Magazine: Winter 2022

Winter 2022

Credit Union Magazine’s Winter 2022 issue highlights data-driven marketing, the board’s role in cybersecurity, elder abuse scams, credit unions’ auto lending advantage, and more.
Digital Edition •  Subscribe

Trending

  • House passes CUNA, League-led board modernization bill

  • CFPB issues CUNA-opposed proposal on credit card late fees

  • Key committee leaders supportive of credit union priorities

Tweets by CUNA_News

Polls

Vote for the 2023 CU Hero of the Year

View Results
More

Champion for the Credit Union Movement

Credit Union National Association is the most influential financial services trade association and the only national association that advocates on behalf of all of America's credit unions. We work tirelessly to protect your best interests in Washington and all 50 states. We fuel your professional growth at every level and champion the credit union story at every turn.

More CUNA

  • Membership
  • Contact Us
  • Careers

Resources for

  • Credit Union Advocates
  • Leagues
  • Press
  • Providers

Our Affiliates

  • American Association of Credit Union Leagues (AACUL)
  • Credit Union Awareness
  • Credit Union House
  • CUNA Strategic Services
  • National Credit Union Foundation
GET CUNA UPDATES
© 2023 Credit Union National Association | ADA Compliance Notice & Legal
Email Us