"The future isn't what it used to be!" This according to an anonymous IBM executive concerning predicted future trends in personal computing around 1992... clearly, a person in touch with both insight and sarcasm. Now, apply the same quote to mobile banking. It's predicted that the rapidly growing trend in mobile banking, at its current pace, will surpass in-branch banking, with 2021 being the tipping point. And with predictions of 71% of customers using mobile banking by 2024, the trend is not likely to slow down. Security concerns are also growing right alongside the demand for mobility. Finserv companies were already on high alert, having experienced a 147% increase in phishing attacks between January and September 2019 from scammers imitating financial organizations. Yet members are still prioritizing convenience while expecting their credit unions to do their due diligence to ensure member data is safe. With the rapid adoption of mobile banking apps, as well as the overwhelming presence of cyber-crime, credit unions must shift their focus to not only improving the mobile banking experience for members, but also to ensuring member data stays secure.
It was already difficult and simultaneously critical to protect financial data, but adding mobile access on top of that means more layers of security should be added as well. This need can be summed up with one disturbing statistic: despite repeated urging of every security expert in the world, 65% of people use the same password EVERYWHERE. They know it's not recommended, they believe they understand the repercussions, but human nature is what it is. They believe their anniversary date is an un-hackable number, or are firmly grounded in the belief of the optimism bias: each of us is more likely to experience good outcomes and less likely to experience bad outcomes, disregarding the reality of an overall situation because we think we are excluded from the potential negative effects. It's these types of people - those who skip the sunscreen, not wear their seatbelt all the time, forego the bike helmet, or use the same password everywhere - that Two-factor authentication was designed for.
Two-factor authentication (2FA) generally uses a unique one-time use code sent via text message or email address to the information on file for that account. Alternatively, pre-selected security questions challenge the end user, asking for information such as maternal grandmother's maiden name, their favorite teacher, or their best friend in second grade's favorite flavor of ice cream. More advanced technology, such as facial recognition, is increasingly being deployed for secondary login information. As discussed in our article, "Two-factor Authentication for Financial Accounts — It Really is More Secure," the more complex the process, the more secure it will likely be, but the more cumbersome it is on the end user.
This is not a time to abandon the branch and invest entirely in mobile banking security. Branch visits are dropping, although data suggests this activity is not decreasing at quite the same rapid rate as its converse, declining at a rate of 1.5% per year. So, as with most trends, it is imperative to look to the future, but also ensure you are keeping members in the present happy. Banking has certainly undergone many changes in the past decade, but simultaneously keeping members happy and their finances secure should continue to be the credit union focus.
