Over the last decade, our smartphones have evolved from technological tools to personal companions, fusing themselves into our palms, resting by our heads while we sleep, and – more or less – never straying more than an arm’s length from our person.

We tell them most of our secrets, conducting personal conversations over text message, Googling our most embarrassing questions, ordering prescriptions and groceries, sending and receiving money, keeping tabs on our online banking and investment balances, and tracking our location wherever we go.

That the thing in this world that knows the most about us might also hide a growing number of digital dangers is, understandability, a little scary.

New BioCatch research shows around three-quarters of all fraud cases in Europe now take place on mobile devices, up 6% from 2022. In the first half year, fraud in the UK alone totalled £580 million in losses. Unfortunately, it appears we’re now paying the price for our smartphone reliance. To fight back, we must examine how bad actors exploit this addiction to our phones.

Current tactics

Banking apps and the relative ease of modern digital banking play a big role in modern fraud. Cases of authorised push payment (APP) fraud, in which a victim is tricked into sending money to a criminal, continue to rise in the UK, making APP the most common fraud type in both volume and value since 2019. Similarly, money mule fraud, where people are unwittingly recruited to transfer criminals’ money between bank accounts, is also a huge concern. Mules are everywhere. In 2023, BioCatch detected more than 10,000 suspicious accounts among the company’s European customers.

Meanwhile, almost a quarter (24%) of remote-access cases, where scammers get control over your phone from a remote location, now take place on a mobile device. More than half (55%) of those occur on Apple products like iPhones or iPads. Usually, remote-access fraud involves criminals connecting to and then controlling a victim’s phone or computer via software, but iOS devices aren’t supposed to allow any type of third-party remote-access control, implying victims are being persuaded not only to share their screens but also to carry out the actions themselves, all under the guidance of the fraudster.

What the government is doing

One positive is that authorities are beginning to crack down on smartphone scams. The UK is the first country in Europe not only to mandate reimbursement for fraud victims (no matter the scam for which they fell) but also to split reimbursement liability between the sending and receiving banks. As banks are now increasingly on the hook to reimburse fraud victims, they’ve tightened digital security to align with ever-changing regulation and make it more difficult for fraudsters to take over accounts.

These reinforcements have led to a monumental increase in the detection of mule accounts over the last year. However, they’ve also sparked criminal innovation. Bad actors have begun to pivot to new tactics, leading to the explosion in social engineering scams seen across the UK. Simply put: We can’t rely on governments and regulators alone for protection. We need our banks and businesses to be as creative as the criminals and employ technologies that pre-emptively stop fraud in its tracks.

The banks’ role in protecting us

Behavioural biometric intelligence can detect and prevent all types of smartphone fraud in real time, monitoring finger-swipe patterns and accelerometer motions to see when human tells like slightly curved swiping and shaky phone-holding might become abnormally straight and steady (signalling a non-human user session).

To identify bad actors, technology can now monitor touchscreen-press size, area and pressure, and other behavioral biometric indicators to identify patterns and answer: Is this customer acting like they normally do? If not, it’s usually a good indicator the activity is fraudulent, allowing the organisation to proactively block the transaction and protect the victim, rather than reimburse them after the fact.

The proverb “keep your friends close; keep your enemies closer” clearly wasn’t first written with mobiles in mind. But if we want to keep smartphones inextricably linked to our personal lives, we need to take a closer look at how fraudsters target them, keeping them not only in our pockets but also under our control.