The Competition and Markets Authority’s recent announcement that banks will be pressured into allowing customers to access their entire finances via a single mobile app by 2018 has raised inevitable security concerns. However, the CMA’s ambitious plans can be made a reality if banks take the right steps to protect their own apps before the new measures come into place. This is according to app security specialists Promon.
Once the new rules are implemented, consumers will be able to apply for loans, overdrafts and mortgages using their mobile phones and will be able to manage accounts from different providers in one place. Besides increasing the functionality of smartphone banking and increasing competition by allowing customers to shop for the best deals, this decision has prompted serious debate amongst both banks and security professionals on the soaring danger of cyberattacks.
Lars Lunde Birkeland, Head of Communication at Promon, said: “It is plausible for banks to want to push back against the 2018 deadline; their reputation and an immense amount of customer and business data are at stake, and it is easy to consider this move to a unified banking app as being fraught with security challenges.
“The risk of linking all bank accounts is incontestable and a responsible and cautious approach must be put in place: if banks take the right steps to proactively manage their app security now, the solution to this problem is actually a straightforward one.”
British Banking Association data shows that mobile apps were used 11 million times a day in 2015, compared to only 7 million in 2014. At the same time, Internet banking logins dropped by 100,000 to 4.3 million per day in 2015 compared to the year before. Birkeland believes this increase clearly highlights the trend of going mobile, be it for businesses or banks.
Birkeland added: “The rise of mobile as a medium through which people do banking is inexorable. But what is less well-known is that securing banking apps and data ahead of the new measures less troublesome than many think.”
To alleviate these possible issues, banks should implement software that makes their apps self-defending, rather than rely on their customers to protect their devices from cyberattacks. Such software consists of code that can be embedded into an app during its creation or in a software update, which immediately provides protection from external threats.
Birkeland concluded: “What is left for banks now is to be flexible enough to adapt to the growing mobile trend, and to keep in mind the nature of the data that is being manipulated and the potential risks it involves.
“The solution is simple. Securing the new app from the inside will be a stepping-stone in securing data, gaining consumer trust and safeguarding the future of mobile banking. If approached in a proactive, innovative way, the CMA’s proposed smartphone banking revolution is far from utopian.”