While many banks claim to adopt a mobile-first strategy, they often tie their mobile apps to internet banking during activation and customer onboarding. Initially, this was a functional concept, as mobile banking existed as an auxiliary channel to internet banking.
However, as user adoption of mobile banking has grown, attackers have increasingly targeted activation and onboarding processes. Fraudsters use internet banking as their self-care system: Since internet banking is available online and to anyone with an internet connection, it’s a handy hacking console that attackers routinely use to cause damage. By efficiently hijacking mobile banking activation and onboarding via internet banking, attackers pair victims’ accounts to their devices. They then gain complete control over the customer’s bank account and can steal both their money and pre-approved loans, leaving an audit trail that’s difficult to investigate.
The solution to this problem is for banks to genuinely become mobile-first through rethinking their mobile onboarding process. Financial organizations can ensure better customer verification and prevent financial fraud through mobile personal identification (such as a document scan) and genuine presence check (using server-side facial biometrics). At the same time, banks should aim to use customers’ official government identity as input to the process and propose legislative changes to enable such access.
In light of the current increase in phishing attacks, we would like to talk about the shift that needs to happen on the bank side to protect the end customer.
- 14:00 to 14:05: Introduction to the webinar – Olena Grynuik
- 14:05 to 14:30: Time to rethink mobile onboarding – Petr Dvořák
- 14:30 to 14:45: Q & A
CEO at Wultra (Czech Republic)
CEE Regional Director at SME Banking Club (Poland)
- By registering at the webinar, I agree with the processing of my personal data indicated in the above form, i.e. e-mail address and my name in order to answer questions via the contact form, and also send marketing materials from SME Banking Club and its partners;
- The administrator of personal data is GG Company sp. z o.o. with its registered office in Krakow at 30-381, Poland, Krakow, ul. Królewska 65A/1.
Read full GDPR Policy here
The webinar was streamed live on October 13, 2022. Watch the webinar recording below: