Why Mobile Security Must Take Centre Stage in Banking by 2025

Mobile phones are integral to modern life. An overwhelming 98% of 16 to 54-year-olds own a smartphone, and 59% of workers favour their phones over laptops or desktops for running their businesses.

This reliance is particularly evident in financial services. Research shows that more than three-quarters (78%) of mobile users access banking services via their phones, with 51% using digital wallets. Fintech companies, whether targeting individuals or businesses, are also heavily reliant on mobile apps to deliver their offerings. From checking balances to making transactions or applying for services, mobile phones are transforming how we manage money, granting people unprecedented control and accessibility.

The Growing Threat of Mobile Theft

However, the rise of mobile-centric banking has a dark side. While phone theft is nothing new, the surge in cases is alarming. In the UK alone, the year to March 2024 saw 78,000 reported mobile thefts—a staggering 152% increase on the previous year.

Fifteen years ago, losing a phone was inconvenient but manageable. You’d contact your provider, get a replacement, and carry on. Today, losing a phone is akin to misplacing the master key to your life. Modern smartphones are treasure troves of personal information—everything from emails and messages to location data and access to banking or work-related apps.

For business users, the risks are amplified. A stolen work phone could grant a thief access to sensitive company data, financial records, or even corporate social media accounts. Sophisticated attackers might leverage this information for deep fake scams or other malicious activities.

In short, an unlocked phone in the hands of a criminal is a gateway to identity theft, financial losses, and severe breaches of privacy.

Phones as the Weak Link in Security

While many apps use biometrics and two-factor authentication (2FA) for security, these measures often rely on the very device being targeted. For example, if a thief observes someone entering their phone’s PIN, they could bypass many standard security defences.

Worryingly, only 36% of respondents to a recent survey reported using unique PINs for their apps versus their phone. Furthermore, many apps remain open once accessed, allowing criminals to alter login credentials and ID details.

The government has taken notice of this escalating threat, pledging to combat mobile theft by promoting a “kill switch” that can permanently disable stolen devices. This would make stolen phones useless for resale and restrict unauthorised access to apps and data. However, for this initiative to succeed, collaboration is essential between phone manufacturers, app developers, banks, and fintechs.

Banks’ Role: Innovation and Education

Banks and fintechs have a dual responsibility to address mobile security—through technical innovation and customer education.

On the technical side, banks should adopt advanced tools like AI-driven fraud detection, which can monitor account activity and detect anomalies in real time. For example, irregular swipe patterns or typing speeds could trigger security alerts before any financial damage is done.

Education is equally vital. Banks must continuously engage with customers about mobile security basics and emerging threats, such as “shoulder surfing,” SIM-swapping, and fake banking apps. This includes raising awareness of behaviours like:

• Using distinct PINs for different services.
• Updating phones regularly to fix vulnerabilities.
• Avoiding public Wi-Fi for financial activities.
• Logging out of apps or enabling automatic closures.

Encouraging proactive behaviour is key, as many people only change habits after a security breach. By educating users about potential risks, banks can empower them to take better precautions.

A Shared Responsibility for Better Security

The responsibility for mobile banking security doesn’t rest solely with users. It requires a collaborative effort across the banking, technology, and government sectors. From enhanced communication about risks to innovative security measures, all parties must work together to tackle this growing issue.

For individuals, vigilance is crucial. Mobile users should assess their daily habits and understand how criminals operate. Just as we’re warned about risks when using cash machines or transferring money, banks must offer similar guidance for mobile security.

Without collective action, the consequences of mobile theft will continue to escalate—impacting consumers, businesses, and the broader financial ecosystem. Only through collaboration, education, and innovation can this threat be effectively addressed.