By Jack Kerr, 18 November 2024
Mobile app fraud is evolving rapidly. As noted by the UK’s Financial Ombudsman Service (FOS), the surge in fraud and scam complaints has hit record high levels. [1]
More than half of these complaints involved customers approving fraudulent online bank transfers – also known as authorised push payment (APP) scams.
While the Contingent Reimbursement Model (CRM) Code [2] offers some protection against APP scams, alongside the new mandatory reimbursement scheme from the Payment Systems Regulator (PSR), more action is needed to combat these growing threats.
According to YouGov data, 33% of Brits use their banking app daily [3], while globally mobile banking is projected to potentially surpass online banking as the most popular mode of digital banking [4]. Therefore all financial institutions should have a strong focus on protecting their mobile apps and mobile consumers.
While financial institutions have already made strides in fraud prevention, as criminals become more sophisticated with techniques like AI-powered phishing, smishing (SMS phishing) and vishing (voice phishing), protections must ramp up.
Relying on reactive, band-aid solutions is no longer sufficient – it’s time to get ahead of the curve with proactive, real-time mobile app security measures and protections spanning security, anti-fraud, anti-social engineering, anti-bot and more.
Need for new tactics
Many users today find themselves increasingly unable to defend against these complex and evolving attacks, particularly as fraud tactics, powered by AI, become more sophisticated.
Customers expect app makers to protect their mobile apps, with 97% of UK consumers viewing protecting their privacy using mobile apps as essential, according to the Appdome UK Consumer Expectations of Mobile App Security survey. This makes round-the-clock, automated security a necessity.
Financial institutions need to go beyond traditional measures like multi-factor authentication (MFA), and to implement technologies to combat growing threats such as deep fake face ID bypass, remote access Trojan (RAT) attacks, and SIM swapping.
These should also go alongside behavioural analytics and continuous monitoring to detect social engineering attacks – where customers are tricked into revealing sensitive information – as they unfold.
By embedding an advanced security platform directly into mobile apps, institutions can detect and block fraud on a client before the user or business is damaged, protecting users from AI-enhanced attacks and other forms of fraud and social engineering.
It's a win-win for both the organisation and the customer. Financial institutions that adopt these proactive measures can stay ahead of evolving fraud schemes, securing customer data in real time. Beyond just protection, it builds consumer trust and loyalty, both key goals for any firm in today's market.
Building trust
Organisations can’t afford to leave customers unprotected, as nearly three-quarters (71%) of people in the UK will abandon a mobile brand after a breach, and will also tell their friends to do the same.
To build trust and keep consumers safe, automated fraud detection systems play a critical role. Through the introduction of systems that monitor suspicious behaviour, such as unusual spending patterns or mobile banking activity alongside an unexpected call, financial institutions can respond instantly. They can either block a transaction, prompt additional verification, or issue real-time alerts to protect the user.
This approach ensures fraud is caught and prevented early, without disrupting the seamless user experience consumers now expect. It’s this always-on method that’s critical to staying ahead of APP scams and other rapidly evolving cyber threats.
Fraud-proof your mobile app
Customers need to be able to trust financial institutions. For that to happen, organisations must be doing their upmost when it comes to their fraud prevention efforts.
Adopting invisible, automated security measures within their mobile apps, not only achieves this and ensures compliance, it also offers a competitive advantage in today’s digital landscape.
With comprehensive mobile app security, institutions can protect customers, securing both their clients' data and the future of their business. This should be a top priority for every organisation.
About the author
Jack Kerr is Director of Appdome
1 - https://www.financial-ombudsman.org.uk/news/fraud-scam-complaints-hit-highest-ever-level
2 - https://www.lendingstandardsboard.org.uk/the-new-rules-for-authorised-push-payment-fraud-reimbursement-and-what-they-mean-for-scam-prevention/#:~:text=The%20Code%20ensures%20financial%20providers,90%25%20of%20UK%20APP%20fraud.
3 - https://yougov.co.uk/topics/economy/trackers/how-often-brits-use-mobile-banking-ie-accessing-account-through-an-app
4 - https://www.bankingexchange.com/news-feed/item/10116-mobile-banking-set-to-surpass-online-banking-as-top-global-digital-banking-platform