Having read with interest a BBC article about the continued growth in the use of banking apps versus the ongoing decline in the use of web-based banking facilities, I started to wonder what this trend meant in terms of personal information security as well as any known effects on business. This could become increasingly relevant if the concept of Open Banking, where a single banking app could access bank accounts from multiple banks takes off (something the UK banking industry is currently being encouraged to pursue by the Competition and Markets Authority)
First a quick look at the facts, which have come from a report compiled by the British Bankers Association (BBA):
Why do we prefer apps?
So why the preference in using smartphone and tablet apps? Well I would expect we would all agree that the main driver is one of convenience. You always have your phone in your pocket so when you need to make a transaction – such as transfer or payment – this is the quickest way to do it there and then.
Of course often when logging in via a web portal you will sometimes require a second level of authentication via your phone or a keypad. Usually this is not required by an app so access is quicker too. Finally, the development of smartphone payment systems – such as Apple and Android pay – has made using a phones as a tool to manage your finances more acceptable.
Are apps secure?
But what about security? Are apps less secure than web based banking? Or more? Or should you use neither and go to your local branch as we all used to?
App based banking certainly has less end user authentication required however, at the current time anyway, mobile phones are far less likely to be targeted by cyber criminals than say a Windows PC so inherently they are a safer device. But will it stay this way? Consider the huge number of devices out there, most without any form of security software, and many now making financial transactions with a lower level of security in place compared to a PC. Do you think they make an attractive target to cyber criminals? Of course they do.
And the IT security software providers agree. Symantec reported in their 2016 Internet Security Threat Report that the cumulative number of Android Malware Variants increased by 40% during 2015 and that approximately 3% of mobile apps were specifically created to do harm to or compromise devices. Whilst is it generally accepted that the Apple iOS mobile operating system is harder to crack, it has been reported that the Apple App Store has been hit with a few malicious apps that avoided detection in their vetting process.
Trends in consumer technology generally are a precursor to their adoption in the business environment – so we can expect use of banking apps to increase as execs need access to reporting dashboards and payment approval on the move. We should not attempt to stop this- preventing technology advances from being employed stifles productivity. However, a clear approach as to what data can be accessed via apps and how to secure it is required.
And as far as personal banking goes the key is to remain vigilant and treat banking with apps as you would do when using your PC.