Suboptimal Security Solutions Leave Mobile Wallets VulnerableJAVELIN Assesses Fraud Prevention Solutions, as Banks Jump into Mobile Wallets
San Francisco, CA, April 14, 2016: Despite mobile wallets proving to be irresistible fraud targets, financial institutions (FIs) and issuers are jumping into the market and releasing their own wallet solutions. Suboptimal enrollment authentication solutions combined with poor consumer behaviors create challenges in preventing fraud against bank-branded mobile wallets. Today, JAVELIN released, Mobile Wallet Fraud Mitigation: Finding the Path Forward, which assesses the early challenges of managing mobile wallet fraud risk and, most importantly, provides key recommendations for FIs and issuers.
In 2015, thousands of consumers were exposed to fraud with fraudulent enrollments of Apple Pay. Losses reached hundreds of basis points at some FIs and issuers. According to JAVELIN data, about 112,000 consumers suffered account takeovers -- through mobile wallets in 2015. (Account takeover is the method when fraudsters attempt to gain access to a consumer’s account – in the case of mobile wallets, by adding victims’ accounts to devices and mobile wallets under the control of a fraudster)
For certain key consumer segments, the apparent absence of strong security controls could inhibit adoption. Consumers such as -- baby boomers, affluent, and middle-class consumers -- are more likely than the average to avoid mobile wallets because of security concerns. Averting another series of fraud events with the same high-profile nature as early Apple Pay fraud cases is crucial to encourage these key segments to adopt mobile wallets.
“The digital compromise of a mobile device will become an irresistible attack vector for cybercriminals bent on mobile wallet fraud. The next security threat will come from the interception of SMS-based one-time passwords used for enrollment in a third-party wallet app,” said Al Pascual, Research Director and Head of Fraud & Security, JAVELIN.
The report, Mobile Wallet Fraud Mitigation: Finding the Path Forward, assesses the early and future challenges of managing mobile wallet fraud risk and provides key recommendations for FIs and issuers. The report includes 15 vendor profiles including: CA Technologies, Early Warning, Experian, Gemalto, GIACT, IDology, Jumio, Keypasco, myPINpad, Neustar, Nexmo, RSA, VASCO, Verifi, and Zumigo. The results also relied on two surveys of almost 3,200 and over 5,100 U.S. adults.
Related JAVELIN Research
• What's in Your Mobile Wallet?: Lessons from Bank-Branded Wallet Pioneers
• U.S. EMV-ification: The Growing Case for Contactless Cards
• Trust, Technology, and the U.S. Consumer
JAVELIN, a Greenwich Associates LLC company, provides strategic insights into customer transactions, increasing sustainable profits for financial institutions, government, payments companies, merchants and other technology providers. Javelin’s independent insights result from a uniquely rigorous three-dimensional research process that assesses customers, providers, and the transactions ecosystem.