Apps are generally more secure than regular html webpages. There are several reasons for that, most prominently that apps are downloaded from a
walled environment, called app store. This holds also true for banking apps. We’ve asked our contacts at major retail banks worldwide about incidents of fraud through mobile apps. The answer is simple: basically zero. It may be that Internet criminals have not learned yet how to break into mobile apps but for the time being, bank customers can feel somewhat safer using their mobile app than using web- based banking.
So, why do banks still get an “F” on mobile app security? It’s a communication problem. Our surveys show that many users don’t feel safe
using apps for banking transactions. One major reason is that they fear their bank accounts can be easily manipulated in case the mobile device is
Yet, despite the users’ uneasiness with mobile banking, banks communicate only very hesitantly about the security measures and precautions for mobile banking apps: 34% percent of banking apps contain no information at all on security and 42% fail to do so on privacy issues. This is one of the results of our recent Mobile Apps for Banking 2013 benchmarking report. In addition, the report finds that app store descriptions of mobile banking apps include information on security matters in only 64% of cases.
Banks should take these findings seriously. Mobile banking is becoming ever more popular but a significant portion of potential users are deterred by
security concerns. Every banking app and every app description should display and explain security features of the app prominently. Users must understand that data encryption of banking transactions is as safe as on the fixed Internet. Log-in procedures and other safety measures should also be clearly communicated. Users’ perception of security will then be as strong as the actual security itself.