US consumers may use mobile devices for banking transactions, but they seem to have a low degree of confidence in the security of those transactions. According to American Banker, only six percent of respondents in research conducted by MyBankTracker said they trusted mobile technologies for use in banking transactions. American Banker noted that, since a Verizon study found that 55 percent of American smartphone users made a mobile banking transaction in 2015, that low level of trust is remarkable.
This underscores how important it is to build mobile banking platforms that encompass both risk and security measures and to continually asses their ability to keep these platforms secure for customers.
Accenture’s newest Cyber Resilience research indicate that a strong approach to cyber resilience means building holistic capabilities. Few businesses can say they have mastered their approach to cyber risk; they tend to encounter problems in these areas:
- Organizational silos. Cyber risk is often viewed as a technology concern to be handled by the Chief Information Security Officer. Chief Risk Officers may not be involved as they should.
- Insufficient business involvement. Information security is a business issue, not just a technology concern. Companies should manage cybersecurity risk from a business-centric, enterprise-holistic perspective.
- Over-reliance on training and communications. Most cyber risk mitigation programs rely too heavily on controlling risk by changing human behavior. Cyber resilient organizations can contain attacks without relying solely on people as the way to mitigate the risk.
- Talent shortfalls. With high demand for technology-savvy resources, available talent to build a resilient business may be limited.
For many businesses, this involves re-architecting business processes to reduce the firm’s access, dissemination, and reliance on highly sensitive data. Other measures involve re-architecting infrastructure and systems to limit the extent of potential damage when an attack occurs or systems and processes fail.
While organizations cannot protect themselves at all times from potential attacks through multiple channels, it is important to put in place structures, technologies and processes to build resilience—or fast recovery—is critical to operating effectively in today’s connected world.
With increased diligence around bringing these types of risk and security practices into mobile banking systems, we can move towards regaining the trust of banking customers.