This week, 2,000 financial services decision makers and solutions providers gathered in Miami to discuss the ever-evolving landscape of mobile banking. In a panel moderated by Sean Sposito from American Banker, industry experts Phillip Dunkelberger, CEO, Nok Nok Labs, Inc., Robert E. Lee, Business Analyst, Intuit and Shahid Shoaib, Principal Consultant, Mobility and M2M Consulting Practice, Verizon Enterprise Solutions, discussed issues and challenges around securing data without compromising the end user experience.
Verizon’s Shahid Shoaib noted that while the 2013 Data Breach Investigations Report showed that data breaches in mobile devices are uncommon, there is a great amount of risk associated with personal and financial information being stored in mobile devices. Unanimously, the panelists agreed that multi-factor authentication, including protecting the platform and the application, is a must for financial institutions wanting to safeguard data and reputation.
"At the platform level, we don't get the security we're looking for. Especially on Android, we're seeing a lot of malware; phones can easily be jail-broken," said Shoaib. "We recommend that for any app that is accessing customer sensitive information, banks should take security matters into their own hands and not rely on what the underlying platform is giving them. All these platforms have been penetrated a number of times."
The key, the panelists agreed, is to strike the right balance between protection and consumer-friendly security features. Consumers are resistant to carrying physical keys, answering several security questions or entering one-time passwords to access their banking information. These steps make the process cumbersome and customer experience undesirable. And clearly, repeat passwords are no longer an option. “Many users have the same passwords across devices and they're too simple. Password management is a huge pain. And with social media, anyone can guess your dog’s name or Alma Matter by going to the user’s LinkedIn and Facebook pages,” Shoaib commented.
So, what’s the future of mobile banking security? Better authentication is definitely the answer. Several device manufacturers have invested heavily in biometric technology that is promising to change the landscape of mobile banking by providing a more user friendly and streamlined experience while still maintaining the stringent security needs of financial institutions.
While financial institutions and their clients wait for these promising technologies to be implemented, the panelists agreed, there is a need for financial institutions to take every possible protection measure today as tomorrow may be too late.
