According to mobile security experts, 84% of mobile banking users are confident that their banks are completely on top of security and fraud prevention. But should they be, if more than a quarter of UK consumers that experienced banking fraud noticed the behaviour before their banks did?
Mobile payments are becoming increasingly commonplace, exceeding a combined expenditure of $220 billion in 2017 – more than tripling since 2013. Fraudsters primarily use phone identification to gain access to bank accounts, calling banks directly and passing security questions. How are they answering these personal, private questions? Through social media.
A survey of 3,000 consumers in the UK, France and Germany indicated that nearly two thirds of consumers have shared answers to their banking security questions on their social media channels. That includes birth dates, a mother’s maiden name, home address, the first country ever lived in – with over half (57%) of those surveyed admitting that they regularly forget answers to their security questions, it is easy to see why mobile banking security is liable to exploitation by cyber-criminals.
A solution that has been suggested is voice biometrics. Voice recognition software seems like a clear solution in practice, with it eliminating the need for easily forgettable passwords and replacing them with a simple phrase. Unfortunately, voice recognition software can be easily hacked, as fraudsters frequently discover new ways to imitate or copy a victim’s voice.
So, what’s the actual solution? A multi-layered defence, combining voice biometrics with more targeted, personal questions that aren’t easily answerable through social media, as well as software that can analyse the network and audio characteristics of the call itself. By identifying a consumer’s voice, individual knowledge and the overall characteristics of the call, banks could better identify fraudulent behaviour.
For those consumers wishing to improve their online security immediately, a good place to start would be their social media profiles; removing information that perhaps reveals too much, or otherwise contacting their bank to alter their security questions.