According to a survey done by PaymentEye.com, most of us take these three items whenever we get out through the door: home keys, a wallet, and a phone. Combining the last two seems like a logical thing to do, as mobile becomes increasingly popular way for making payments, both in-store and online.
However, fraudsters have also taken note of that change and have adopted their methods accordingly, as evidenced by the rise in fraud attempts in the mobile channel.
In a world that is dominated by networking and communications, convenience and user experience is no longer a luxury - it is a necessity. Mobile payments offer a cashless, fast and intuitive way for customers to make financial transactions on the go. Mobile payments become an increasingly attractive alternative to both in-store, cash and online credit card payments. Yet, fraudsters attack mobile banking from every possible angle.
Although there are many threats lurking behind pretty much every corner, payment services via a mobile devices are on the rise.
Mobile Payment Statistics
To understand the magnitude of the trend, here are some statistics:
- According to Statista, in the fourth quarter of 2016, mobile e-commerce spending in the United States amounted to 22.7 billion US dollars.
- WorldPay forecasts that mobile wallets will surpass both credit and debit cards by 2020 in the US.
- According to Juniper Research, U.S. consumers purchased $47.6 billion of physical goods via remote mobile payments.
- According to BI Intelligence, in-store mobile payments will reach $503 billion by 2020, growing at an astonishing CAGR of 80% between 2015 and 2020.
And despite initial reservations by payment providers, mobile channel is well suited for big transfers. According to Visa, 43% of British consumers feel equally comfortable buying high-value items, like vacations and electronics, on a mobile device as they do conducting small transactions.
Current Trends in Mobile Payments
Mobile payments will continue to grow in 2018, and as more and more businesses and their customers continue to embrace mobile payments its benefits are becoming crystal clear. The mobile channel can easily facilitate nearly any type of consumer payment, often with greater convenience than before.
This has attracted a growing legion of dedicated users. The typical user is just over the age of 30, have an above-average yearly income and spends nearly twice as much on retail as nonusers. It is no wonder that millennials, the group known for prioritizing convenience and user experience will flock to mobile payments.
While US consumer payments are a massive figure at $4 trillion, mobile retail payments will still exceed $220 billion in 2017. Yet, wherever legitimate payments begin to flourish fraud is soon to follow — and mobile payments is no exception.
Mobile Payment Fraud Trends to expect in 2018
Securing mobile payment apps is critical to managing the risk of mobile payments fraud. Unfortunately, criminals’ methods and skills are evolving more quickly than the controls that are being put in place to protect mobile payments and underlying accounts.
In 2018 mobile payments are poised to continue rapid growth, and yet, numerous vulnerabilities in mobile payment apps remain unaddressed, making them easy targets for fraudsters who have honed their skills.
In 2018, we can expect the increase in:
- Malicious Apps - Recent research reported that at least 50 malicious apps in the official Google Play store were downloaded up to 4 million times, infecting as many as 36 million devices. While Google quickly removed the apps once they were reported, within days apps from the same malicious family were back and successfully infected more than 5,000 devices.
- Bot Attacks - Bots continuously evolve, leveraging advances in technology to impersonate legitimate users and human behaviors convincingly in order to pass through cyber defences and fraud controls.This year alone, digital advertising fraud by bots is estimated to surpass $6.5 billion.
- Emulators and Simulators - While emulators are widely used for legitimate purposes, attackers have found them very useful to launch large-scale mobile attacks. Attackers could run virtually unlimited instances of an app on mobile device emulators to perpetrate attacks by imitating legitimate users on actual smartphones.
- RATs - Another attack vector that is popular with cyber criminals is to actually hack a device and then take over the control of the mobile device or an application to launch the attack. Ultimately, this attack involves a legitimate device and application that an attacker has taken control of without the user's' knowledge.
The biggest concern is probably mobile wallets where identification and verification procedures remain dependent on weak forms of authentication. Undoubtedly, as fraudsters take over accounts using compromised credentials, payment merchants and e-commerce organizations will be forced to improve their authentication procedures.
Preventing Mobile Payment Fraud with Continuous Authentication
As fraud attacks continue to grow both in volume and in sophistication, payment providers and their customers have long searched for secure mobile authentication methods that are secure, while at the same time are not harmful to the user experience.
Behavioral biometrics gives payment providers the upper hand. Using behavioral biometrics, continuous authentication provides companies with a secure and customer friendly solution to mobile payment fraud.