By Jodi Wadhwa, Vice President Marketing at Arxan Technologies
Today, smart phones and devices are increasingly gaining popularity with many consumers preferring to now conduct their financial transactions on the go. This can include anything from remote deposits, balance inquiries and easy money transfers to mobile peer-to-peer transactions, digital wallet transactions, mCommerce, or mobile payments. In fact, analyst house Gartner forecasted that the volume of mobile payment transactions worldwide will be at £140 billion this year and will grow to £429 billion by 2017; it is easy to understand why hackers would target this lucrative sector.
However, as mobile banking advances, unfortunately so does cyber criminal activity. Hackers come up with new ways every day to break into smart devices and steal sensitive information for their own financial gain. According to the June 2014 McAfee Labs Threat Report, new mobile malware (short for malicious software) has increased for five straight quarters, with a total mobile malware growth of 167 % in the past year alone.
It is clear to see that the ever-increasing adoption rate for mobile financial transactions, coupled with cyber criminals making it a target, makes digital banking and payment protection more of a necessity than ever. Banks are under immense pressure to keep their mobile banking apps safe and up to date, and in order to stay one step ahead of cyber criminals, mobile app developers must deploy critical code – such as jailbreak/route detection, security certificates, sensitive intellectual property, etc. – into “the wild,” to reside in distributed and untrustworthy environments for digital banking or payment apps. Many are doing so without application protection.
Malicious mobile apps
We recently conducted research into the top 100 paid Android and iOS apps, the top free apps on these operating systems, as well as the most used financial services and banking applications. The analysis revealed there is widespread and unfettered hacking of mobile applications on both Android and iOS, with financial apps proving a particularly attractive target for hackers.
As part of Arxan’s research we specifically focused on the 40 most popular financial apps to analyse and understand how pervasive application hacking is and the findings revealed that these apps are deeply insecure. Financial applications are an attractive target for attackers, given the high value associated with the data that they contain. Over half (53%) of Android apps had hacked or cracked versions that were available for download, with 23% on iOS.
As malware is a form of unauthorised code modification or tampering, hackers use specialised tools to target the mobile banking application itself and attack sensitive areas within the application code. They completely reverse-engineer the app back to the original source code and plant their malicious code, and before you can say “HEY PRESTO” the app has been repackaged and redistributed unto the app stores – now with embedded malware and unbeknownst to not only the app creators, but also users downloading the “new” (and not improved!) app.
Financial services app owners also will commonly deploy their products on multiple platforms to ensure their mobile services reach the majority of their total customer base. These high-risk apps, especially with regards to mobile banking and payment applications, require a much more diligent effort in order to protect the overall application from hacking and malware threats. In addition to the potential financial losses, a compromised payment app can have a major impact on consumer loyalty and confidence, and can ultimately have an impact on the share value of these companies.
Infected mobile banking apps
Unfortunately, it is safe to assume that there are already numerous cases of infected apps on countless devices, while a large scale advanced mobile malware attack is lying in lurk somewhere waiting to be activated. Given the magnanimous potential of affecting banking or payment transactions on millions of devices, business to consumer applications are undergoing standardisation on application hardening with run-time protection practices before they are deployed.
With that in mind, our research also revealed that critical exposures in the application’s code can progress code tampering or malware attacks. From customised Mobile App Assessments of financial services apps, we found binary risks in the tune of 100% for authentication exposure, 50% of apps had jailbreak detection code and crypto exposure, and 50% had payment exposure. None of the apps were yet deployed with application hardening protection.
Further, “rich apps” provide more functionality and user experience and hence these apps need to access sensitive data, include access policies for privileged users or enable the processing of valuable transactions. For example, in some banking applications there is jail-break detection, which provides a critical decision point that would prevent users from proceeding with certain high value transactions of the application on a device that has been compromised. However, once an attacker has been able to leverage hacker tools to analyse and reverse engineer the app to locate the jail-break detection code in source code, no matter how sophisticated its logic may be, it can usually be defeated by changing a few bytes in the code.
Ultimately, financial organisations bear an onus of protecting their assets, users and sensitive data against fraud, privacy and financial loss. As the proliferation of mobile devices continues and more financial services are available through dedicated applications, there is an increasing need for mobile application security to be considered and implemented in the development process. This protection is needed to secure the application at rest and runtime. Many organisations rush to get apps into the hands of consumers, and upgrade them to offer the new functionalities and other content driven by consumer demand. The unfortunate side-effect of this is that security often becomes an afterthought.
Developers need to start implementing “application hardening” techniques at the beginning of the app building process. Security processes need to be inserted within the app that will yield self-aware, self-defending and tamper-resistant applications to ensure that the application is highly resilient against hacker attacks and can independently be capable of detecting whether its own state has been compromised, and take remedial actions as needed. Basically security innovation must be kept in-step with the innovation in mobile financial services.
It’s all relative: Older generations feel helping out the family financially is more important since the Covid-19 outbreak
Before Covid, 23% of people prioritised helping younger generations out financially, that increased to a third as a result of the pandemic
A recent survey* conducted by Hodge has revealed that the Covid pandemic has led to more people wanting to help younger family members financially.
A third (31%)** of those questioned said that since the Covid outbreak giving a financial gift to children or grandchildren is more important to them, compared to 23% who said it was a priority before the pandemic.
The traditional “Bank of Mum and Dad” is still very much open for financial help, with parents being responsible for 72% of the gifts, but the study also revealed that financial gifts can come from all corners of the family – including children (14%) and siblings (14%).
The survey also found that a third of people have received a financial gift from family, with those aged between 25-34 as the most likely to receive
The most popular reason for gifting money to family is for special occasions such as a quarter of gifts were given for weddings and birthdays but 11% of people have received money to help with big purchases such as cars and houses. In addition, 19% of people have received help with day to day finances, with around 14% of those receiving a gift have done so to pay off debt.
Emma Graham, Business Development Director at Hodge, said of the research: “Our study showed that, as a nation, we all want to help our family out when it comes to money. And whilst we all think of the Bank of Mum and Dad or Gran and Grandad as a traditional source, we were surprised to see that 14% of brothers and sisters are also helping out.”
The findings come from a recent intergenerational study conducted by Hodge, who interviewed over 3000 people about their attitudes towards finances and their aspirations for the future. The full research findings can be found at https://hodgebank.co.uk/2020/05/19/money-its-all-relative/.
As part of the study, people were also asked about paying back the gift, with 40% of beneficiaries expecting to pay their parents back, but this dropped to 28% if the gift came from grandparents.
From the gift donor’s perspective, 26% expect the gift to be paid back, however just 15% of grandparents expected the money back.
Hodge has produced a set of guides on how families can navigate the tricky subject of giving financial gifts within a family, as well as the considerations and steps that be families should think about taking before a gift is given, such as is it a loan or a gift and thinking about contingencies if the family member’s circumstances change. The guides can be found here: https://hodgebank.co.uk/news/
Emma continued: “It’s clear that families feel strongly about offering financial support to each other if they are able and this has increased since the Covid pandemic. Before Covid, 23% of people prioritised helping their families out financially in the next five years. Since the Covid-19 outbreak that has increased to a third of people saying helping a family member financially had become more important.
“So, it is clear that the Covid-19 lockdown and subsequent predicted economic downturn, has led to more families looking to share wealth to help younger children or grandchildren during this difficult time. Many people may look to Later Life mortgages, where many products have reduced their rates and have flexible lending criteria, to help out a loved during these difficult times.”
New report identifies the factors which will determine SMEs’ chances of a successful COVID recovery
· Analysis of the performance of over 1,000 UK small and medium-sized businesses by Allica Bank provides roadmap for SMEs
· Regular training, an openness to innovation, and a clear vision all contribute heavily to an SMEs’ chances of success
· Allica Bank has launched a programme of free workshops to expand on the findings and support business owners
Business bank, Allica Bank has combined data and insight from over 1,000 UK SMEs with a multiple regression analysis to determine what factors most closely aligned with an SMEs’ chances of success and separated the highest-performing businesses from their peers. These ‘rules for success’ have been compiled from the research data to support British businesses as they look to chart a course to post-Covid recovery.
The full report identifies six behaviours for small and medium businesses to follow, to maximise their chances of a successful COVID recovery. The six top-line rules emphasised by the data were:
Rule 1: SMEs should regularly train staff
Of the top-performing businesses analysed, 47% provided training for employees at least on a quarterly basis, compared to just 32% of other businesses. Regular employee training was linked closely to success by the model.
Despite this, many small businesses have neglected training and nearly half (46%) of the small businesses analysed only provide training for employees about once a year or less often. This included 15% that never provide employer-funded training. This discrepancy could represent a significant opportunity for small businesses to unlock the potential of their employees and thrive in the post-Covid economy.
Rule 2: SMEs need to focus on innovation and technology
Looking again to the best performing businesses, 76% were found to either continually (39%) or often (37%) be considering new opportunities for technology in their business. This is compared to only 51% for businesses considered to be outside of the top ranks, out of which only 27% admitted to continually looking for new technology opportunities.
Rule 3: Small business must have a formal, long-term vision
Nearly two thirds (66%) of the most successful businesses in the survey had a formal, long-term vision, compared to just 50% of businesses outside the top 100. Looking to the businesses that scored the lowest on the SME Performance index, only 37% claimed to have a formal, long-term vision.
Rule 4: SMEs should broaden their customer reach and find new markets
Of the top-performing businesses, 65% of these have overseas customers compared to just 40% of the worst performing businesses. Among the best performing SMEs, over a third (34%) identified international expansion as one of the top three drivers for their success.
Rule 5: SMEs need to develop reinvestment plans
22% of the best performing SMEs reinvested some of their profits into the business in the past three years with an average 9% of profits being redeployed. Tellingly, this is nearly double what other businesses admit to reinvesting in their business (5%).
Rule 6: SMEs should engage with local business organisations and networks
Of the top 100 SMEs, 30% had obtained external credit to expand over the past three years (compared to 24% of other businesses). Meanwhile, only 16% of all other SMEs had engaged with local enterprise partnerships or growth hubs in the past three years (compared to 23% of the top 100 SMEs).
Chris Weller, Chief Commercial Officer, Allica Bank, said:
“All small businesses are different, as are all small business owners, but one trait they share is an innovative resilience. Whilst the coming months and years will undoubtedly continue to present extreme challenges, there is no doubt that small and medium sized businesses across the UK will rise to meet them head on.
“To give them the best chance to succeed, though, they need to be equipped with the right tools. There is certainly no silver bullet or panacea for every small business, but as this study has found, there are a number of common factors found in the most successful businesses that allow small enterprises to thrive and that they can consider individually for their business.
“This research has identified common ‘rules for success’ that speak to every aspect of running a business, not just the financials. Once we saw these results, we wanted to use them to help small businesses begin to re-build and prosper, by outlining common factors and then examining how best they can be practically applied to businesses in all sectors of the economy.
“Small business owners and their employees have been hit hard by the crisis, but they have the drive and resourcefulness to breathe new life into the economy and bring energy to post-Covid Britain. Our commitment at Allica Bank is to give them the support they need to do so, every step of the way.”
The full report contains a wealth of additional data and insight into each of these topics. As part of its mission to empower small businesses, Allica Bank is making the findings freely available and running a series of free online workshops with relevant partner organisations for businesses to attend.
New research finds that financial wellbeing should be at the heart of banks digital experiences as the UK enters recession
MullenLowe Profero have today launched a new report focusing on two communities who will be hardest hit by the recession: 18-25 year olds and small businesses. These communities need financial wellbeing support at the core of an increasingly digital relationship. MullenLowe Profero partnered with Censuswide to survey 1,004 18-25-year-olds and 504 small businesses.
Concern around financial shocks is harming individual’s wellbeing
The survey finds the ability to absorb financial shocks being the critical worry affecting wellbeing and 40% of 18-25-year-olds are sometimes afraid to look at their bank account.
They are seeking financial education to relieve worries
With over two-thirds of respondents demanding financial education in order to find peace of mind and 40% of 18-25-year-olds state that thinking about their money has a negative impact on their wellbeing the report highlights the audience are open to more active support from banks. 60% of the audience feel banks should help them have the capacity to absorb a financial shock.
When our bank is in our pocket reminding us of our anxieties, is there now a duty of care to support our wellbeing?
The survey finds that the digital experience is now the number one reason for choosing a bank for 18-25 year olds.
With this shift in digital preference, people are expecting banks to play a bigger role in wellbeing. 58% of those worried about their money want banks to help them take control.
More than half of 18-25 year olds agree that a bank’s role is now to:
- provide education on money management
- help them keep on top of financial goals
- help them save enough money to cope with the ups and downs of life
People are feeling closer to local communities, but there is a gap in how brands should engage communities in a digital world
Half of 18-25 year olds agree that in the last few months the importance of their local community to them has increased. 40% agree they’ve engaged more with their local community in recent months. There’s a tension between how to engage a community as 60% agree they prefer a bank with better digital tools over a bank that offers more local branches. However, 60% feel banks need a branch presence to support local communities.
The importance of Global Wellbeing rises
Over half of 18-25 year olds agree that the events of the last few months have made them seek out brands that do better for the world. The research findings show that what they want most is to be recognised for their positive behaviours. 56% of the audience highlighted that they would find rewards and benefits for purchasing ethically and sustainably most useful.
Banks digital experience today lack empathy
In this time of reset, the survey found a third of customers and small businesses are considering changing banks in the next year as a result of the impact of the pandemic. The report concludes that brands that will win will champion financial wellbeing in the digital experience through empathy and emotional intelligence.
For the full report, get in touch with MullenLowe Profero at [email protected]
Howard Pull, Head of Digital Transformation Strategy at MullenLowe Profero, said: “Our findings are a wake up call for digital innovation in banking relationships. With digital experience being the number one choice for selecting a bank, there’s a huge opportunity for banks to support individual wellbeing at scale by understanding and responding to our goals and anxieties to build better money habits.”
The research was conducted by Censuswide, with 1,004 18-25-year-old current account holders and 504 small businesses with business bank accounts and annual revenues up to £2m between 23.06.2020 and 29.06.2020. Censuswide abides by and employs members of the Market Research Society which is based on the ESOMAR principles.
Return to work: Flexibility, preparation and communication are key
By Matt Weston, Managing Director, Robert Half UK As lockdown restrictions ease for the foreseeable future, conversations across the business...
How sustainable AI improves the triple bottom line
An investment in green AI enables financial services firms to align people, profit, and planet By Nick Dale, EVP business...
The impact and implications of Covid-19 on financial reporting
By Mark Billington, Regional Director, Greater China & South-East Asia, ICAEW The economic consequences of Covid-19 have been unprecedented, affecting...
Contis enters RBS Capability and Innovation Fund bid seeking £35 million for disruptive SME growth strategy
Leading payments provider, Contis, has applied for two grants from the RBS & BCR Alternative Remedies Package, totalling £35 million. Unlike most applicants who...
Four years of digital transformation in four weeks: UK lockdown puts pressure on brands to digitally deliver
Nearly a third (32%) of consumers would switch providers if a brand’s website is unavailable for more than 24 hours...
Demonstrating the value of collaborative leadership during crises
By Jean Stephens, CEO, RSM International In 2000, a leading expert in behavioural science, Daniel Goleman, outlined the six key...
Empowerment Accelerates Continuous Improvement
By Larry Sternberg, JD, Fellow, Talent Plus, Inc. Empowerment First, let me clarify how I am using the word “empowerment”...
What is loneliness and how can you manage it?
By Iris Schaden Your Business and Personal Coach A mere century ago, almost no one lived alone. Today, many do...
How banks can build digital transformation into business continuity
By Andrew Warren, Head of Banking & Financial Services, UK&I, Cognizant Businesses around the world are falling victim to the...
Akerton Partners S.L. is a Spanish independent mid-market corporate finance advisor founded over a decade ago, in 2008, amid a...