In an age where the proliferation of financial mobile applications in increasing on a huge scale, the rise of financial ‘super apps’ may seem the logical conclusion of such a rise.
The rise of any financial super app, however, must be accompanied by a foundation of strong mobile application security and technologies and techniques that ensure security by design, new research by OneSpan has stated.
The research underlined the growth of such behemoth apps in China and other Asian regions such as WeChat and Alipay. Super apps are smartphone applications that often combine many of the most popular apps a person may use – such as social media, shopping and payments to entertainment and streamed media – into an all-encompassing app.
Despite this growth in the East, the West has yet to see a true super app break through the curtain. While companies like Facebook, Walmart and PayPal have all made such steps, there has yet to be one completely dominant competitor that has established its dominance.
While financial super apps can provide convenience at impressive scale, they also pose much greater security risks than their smaller competitors. OneSpan detailed that mobile malware attacks are rising – with 156,710 mobile banking trojans identified in 2020 – and the firm believes many banks are underprepared for the risks.
OneSpan said, “Despite the convenience and benefits of super apps for both financial institutions and their customers, they also bring new risks. As banks partner with third parties to add more services and offerings to their mobile apps, the attack surface grows, introducing potential vulnerabilities for cybercriminals.
“Additionally, in the rush to get new offerings and mobile features to market, developers sometimes let security fall by the wayside. Cybercriminals know this and will target their attacks to take full advantage. Therefore, as banks work to develop their super apps, they will need to ensure strong mobile application security is built-in from the beginning.”
The company stressed that while many banks have gained a trusted reputation for strong online security over the years, they have struggled with mobile application security. This is linked to the fact that with mobile apps, application code gets stored on the user’s device and a bank has no control over the security hygiene of that device.
To manage such an issue, OneSpan said that it was ‘imperative’ for banks to protect their apps on the client side with modern technologies such as mobile application shielding and runtime protection. The former helps to insulate a mobile app from threats by strengthening its resistance against tampering, reverse engineering and intrusion. If combined with biometric authentication and other technologies, banks can ensure their financial super apps are secure against fraud and threats like man-in-the-middle attacks.
OneSpan concluded, “For banks to effectively compete against new market entrants and mobile-first innovators, they need to invest in expanding their mobile offerings to improve their mobile experience. They need to find the financial super app. By bringing all of a customer’s banking, financial and payment services under one umbrella, banks can position themselves as the go-to app.
“But to do this, they’ll need to design strong into the app from the start. With technologies like mobile application shielding, biometrics and more, innovative banks can develop the financial super app consumers want while protecting their sensitive financial data from mobile threats.”
The full research can be viewed here.
Copyright © 2022 FinTech Global
