The smartphone business is booming with breakout successes like the iPhone 6 and 6 Plus and the mobile usage is growing at a fast-pace to the detriment of laptops/ internet from home use. It should not be surprising that criminals have also adapted to the new trends and more than 1.3 million unique smartphone attacks have been reported from January to October 2014.
While one of the main causes is the increasing amount of mobile transactions and payments, the multitude of digital communication tools like the real-time apps helping advisers improve communication with their clients also keep clients engaged with their mobile devices. High-net worth clients are attractive targets for mobile security breaches as they mostly manage their wealth while on the way and use unsecured Internet access points (see our report on the mobile behavior of the affluent and HNWI).
But what are the main factors driving security breaches of mobile apps in the banking field? MyPrivateBanking’s recently released report on Mobile Apps for Wealth Management 2015 found that secure client authentication is still being neglected by many wealth managers. Few of the evaluated wealth managers /private banks are using the gold standard to protect clients’ data by making use of a full two-factor authentication procedure plus adding a multi-layered anti-fraud framework. Striving to provide their clients with a convenient, easy-to-access information, some wealth management apps even allow users to log-in with only their 5-digits passcode thus ignoring the fact that these weak security measures make their clients easy prey for hackers who illegally try to access personal data.
One of the main areas of risk, which is often being neglected by banks, is that criminals are targeting not only the secured spaces where transactions are being made by clients but also other apps/features where they are able to identify personal data (for instance address, birthdate or trivial things like shopping coupons). Putting together this information can easily lead to so called identity theft, enabling criminals to break into even better secured systems.
Wealth managers should think hard about an integrated and broad security strategy, even if they have to sacrifice a bit of convenience for their clients to gain gold standard security.