Security is failing to keep pace with smartphone utilisation with compromised digital wallets and banking apps leading to growing identity threats, a report has revealed.
The Evolving Smartphone Usage and the Growing Threat to Consumers report from UK fintech startup Nuke From Orbit quizzed UK consumers on their smartphone usage.
Its research reveals that 78 per cent use their smartphones for mobile banking, 85 per cent for accessing email, 71 per cent for managing social media and 51 per cent. This, it suggests, indicates that cybercriminals can easily access personal data from a single mobile device, especially with 45 per cent admitting they use the same PIN to gain access to the phone as well as multiple apps, services, and bank cards.
One in four individuals have experienced digital wallet theft and one in five face unauthorised access to personal bank accounts via mobile apps. In 62 per cent of smartphone theft cases, businesses face severe financial and cybersecurity risks. Despite company efforts, lax PIN hygiene and open apps on stolen devices pose serious threats, including account takeover and ransomware attacks.
James O’Sullivan, CEO and founder of Nuke From Orbit, said: “Biometrics were introduced to make smartphones more secure because the frequency with which you need to input a PIN is greatly reduced, but our research shows this has led to some complacency.
“Criminals are returning to old-school shoulder surfing tactics – that made ATMs a nightmare – to access the phones they then steal to commit secondary crimes.
Fighting fraud
According to the research, not only were respondents’ social media and email accounts accessed, but one in four individuals also fell victim to digital wallet theft, resulting in monetary losses. The study reveals that one in five respondents experienced compromised personal bank accounts through unauthorised access via mobile banking apps.
Nuke From Orbit outlines the industry’s responsibility to offer smartphone users the highest level of protection by leveraging technology for instant data security in cases of device compromise.
The UK Product Security and Telecommunications Infrastructure Act 2022, effective 29 April, mandates security standards for consumer tech products to combat cyber threats, holding businesses, including banks, accountable for safeguarding customer data through measures like minimum password requirements and reporting procedures.
“The Act is relevant for all businesses in the mobile ecosystem, including banks, fintechs and online service providers,” adds Sullivan. “Service providers are responsible for ensuring they do everything possible to protect consumers when the worst happens. Our research suggests that currently, they are not doing enough.
Nuke From Orbit actively supports service providers in safeguarding individuals’ digital identities and swiftly restoring their control over data in the event of smartphone theft. It provides a digital panic button, empowering individuals to block access to various services and accounts all at once if they experience smartphone theft.
