As financial crime continues to expand and evolve, FICO interviewed Aite Group fraud analyst Julie Conroy McNelley about emerging threats in mobile banking security. Julie recently participated on the FICO World analyst panel on “Enterprise Fraud Management” and just published “Mobile Fraud: The Next Frontier,” a report based on Aite’s survey of global risk executives at the conference. In this Q&A, Julie discusses mobile fraud risk and shares insights from the survey.
FICO: Why is mobile security an important topic to study now?
Julie: The mobile channel is rapidly growing in terms of both usage and transactional capability. There has been a fair amount of media buzz around the potential for fraud, but that buzz has largely been the product of speculation. We wanted to survey the people responsible for Financial Institution security to quantify the extent to which mobile security is a top-of-mind concern, and to better understand mitigation techniques in use today. The FICO World conference provided a great forum because of the risk expertise and geographical diversity of the attendees.
FICO: Why has the mobile channel proven challenging to secure?
Julie: Actually, today the mobile channel is seeing very little in the way of hard dollar losses, but that is largely because the transactional capability in the mobile channel has been fairly limited. As enhanced transactional capability is deployed, we will see the channel come under more intense attack by cybercriminals. While some of the technologies that have proven effective in securing the online channel are directly applicable to mobile, there are also many aspects of the mobile environment that are unique, requiring a different fraud mitigation approach.
FICO: What did the findings show?
Julie: The findings showed that the media buzz was not unfounded—risk executives at Financial Institutions are very concerned about the fraud potential of the mobile channel, and are worried that we do not yet have a good understanding of the ways in which fraud will manifest in the mobile channel. It also showed that while many Financial Institutions are actively working on deploying fraud mitigation technology to the mobile channel, one in four Financial Institutions are waiting to see what kind of threats emerge before making their investment.
FICO: What should financial institutions take away from this report?
Julie: Financial Institutions and the vendors that serve them will learn 1) the ways in which mobile banking is deployed today; 2) the perceptions around the security of the mobile environment among financial services risk executives; and 3) the fraud mitigation techniques currently in use in the mobile environment, as well as those on the roadmap.
For more information on emerging fraud threats and antifraud best practices, view the FICO World presentation slides from “Enterprise Fraud Management—Analyst Panel” and “Enterprise Fraud Management—Lender Panel.”