Is mobile banking security as tight as we'd like to think?

Our mobile phones carry and store a lot of data. Your mobile banking app is most likely one of the biggest and most important carriers of data you have, but how much faith should we put into the security of banking and payments apps, asks Billy Bambrough

Our mobile phones carry and store a lot of data. Your mobile banking app is most likely one of the biggest and most important carriers of data you have, but how much faith should we put into the security of banking and payments apps, asks Billy Bambrough

The use of apps on mobiles continues to grow and as it does, people venture further and further from the relative safety of the Apple App Store and the Google Play Store.

Jailbreaking and downloading unofficial apps on a mobile device can give it a much greater degree of freedom but at the same time puts you at much higher risk of malware as there is much less quality control.

Arxan1

Financial services are obvious targets for hackers and malware due to the data they transport and store. A recent report by technology security company Arxan has showed that 78% of the top 100 paid Android and iOS apps from third party stores are infected with Malware.

arxan

The researchers found that 100% of the top 100 paid apps for Android and 56% of the top 100 paid apps for iOS had hacked versions available on third party sites for download. Particular to financial services the research unveiled cracked versions of popular financial apps to be at 53% for Android and 23% were Apple iOS hacked variants.

The increase in different devices is almost certainly going to drive up the amount of potential security problems for mobile app users. As platforms increase then the risk to users and the work for banks and security firms grows with it.

The approach of some software builders is to build in notifications that prevent the use of apps if the device is at higher risk, that is to say, if it has been jailbroken.

According to Intelligent Environments’ (IE) CTO Clayton Locke financial services companies have to choose between allowing their app to work on a jailbroken device or not. IE take the view that users should not be putting themselves at risk when using a financial services app and block users from their mobile apps on potentially compromised devices.

Whichever approach companies take security is certain to be one of the key considerations for both companies and customers when thinking about their banking and payments app security.