By James Richards

Shortcomings in leading banking apps raise security concerns but actually breaches are rare and easily fixed.

New research from MyPrivateBanking.com shows that just three of the ten most important features that users expect of mobile banking apps are up to scratch. From the website's analysis of the world's top 50 mobile banking apps, security is the feature that banks apparently show little care for, with just one-third of the apps offering sufficient safety measures. One of the major challenges standing in the way of widespread adoption of mobile banking is the perceived security threat, and banks clearly need to raise consumer confidence through at least rolling out the right security processes.

Ironically, issues with mobile security are rare, and often rapidly resolved. Take the recent Google Wallet security scare, for example, which certainly caused concern at the time. However, after disabling the pre-paid service for a period, Google issued a security patch and normal service quickly resumed. Nevertheless, many mobile banking security myths still exist, and it is up to the industry to educate consumers about the facts.

Firstly, people are unaware of just how safe banking via a mobile can be – specifically when using an app. Not only do apps allow organisations to provide a highly tailored service to their customer base but they also win hands down when it comes to security. Mobile applications can cryptographically secure your data, meaning that all a user needs to do is prove that they are authorised to use the app with a simple but secure password. This not only delivers a straightforward and relatively rapid check for the consumer, but one that is also safe and exclusive to each individual mobile subscriber. In this respect, banks and their customers can be assured that their data is safe, whilst actually delivering a more user-friendly customer experience. Of course, the more complex or sensitive a task becomes then layers of security must be added. For example, in order to make a payment the customer can be prompted for another password to verify the transaction, which not only authenticates the payment but also provides a signature for the transaction. This again serves to increase user confidence.

Mobile security also varies significantly between the different mobile platforms. Most prominent in the mobile app space are RIM (BlackBerry), iPhone, Windows Mobile and Android. BlackBerry is more traditionally associated with the business user and is, therefore, subject to the potential of usage restriction by corporate IT departments, whereas iPhone and Android are rapidly becoming the preferred choice for the consumer.

There are currently no mobile app security standards across the industry and, as a result, each platform has its own requirements for banks seeking to launch financial services applications. For example, applications being put forward for the AppStore for Apple undergo stringent security tests and can be cryptographically signed by both the vendor and Apple itself, whereas on the Android platform, which is an open operating system, there is not a trusted distributor of applications and much more innovation is needed by software vendors to deliver the required levels of security.

Mobile security concerns are important, and must be addressed by those organisations seeking to take mobile banking and mobile payments propositions to market. However, the truth is that mobile financial services are safer than many people realise and, in the case of mobile apps, the platform offers a degree of security ahead of even online banking. Educating consumers about these security facts will no doubt drive adoption rates and help take mobile financial services mainstream.  

James Richards is director of mobile with digital banking provider Intelligent Environments. The company is currently working with mobile operator O2 in the UK on its mobile wallet app.

The editorial views expressed in this article are solely those of the author(s) and will not necessarily reflect the views of the GSMA, its Members or Associate Members.