The ATM Industry Association has released a new best practice manual for preventing mobile banking fraud. The manual places particular focus on applications linked to ATM systems.
As smartphones and tablets grow in both sophistication and popularity with consumers, so too have mobile apps that give consumers anytime/anywhere access to their bank accounts. Today, mobile banking and related mobile commerce represents an increasingly important and fast-evolving channel for the financial services industry.
Mobile device interactions with an ATM can include:
- cashing out transactions initiated on a mobile device;
- alerting consumers to transactions performed at an ATM;
- receiving an electronic receipt for a transaction performed at an ATM;
- providing a one-time password that replaces the traditional card and PIN to authorize an ATM transaction.
“In a time when the ATM can be used to complete transactions begun on a mobile phone, and as cardless ATM transactions gradually replace ones initiated by plastic cards, it is important to check out any security vulnerabilities associated with mobile phone banking applications,” said Mike Lee, CEO of ATMIA. “This manual, expertly edited and drafted by Douglas Russell, with crucial inputs from Susan Matt and members of our security council, examines those vulnerabilities and makes recommendations which could reduce risks of future compromise.”
The manual also aims to increase understanding of the relationship between the mobile and ATM channels. According to Lee, downloadable apps for smartphones and tablets are creating new and more sophisticated interactions between the mobile device and the consumer’s bank accounts.
For this reason, Lee said, “We urge customers to take the same care with their phones as they do with their cards and cash. In addition, financial services providers should increase customer education in this area.”
The new best practice manual for preventing mobile banking fraud is available at the ATMIA website.