Keiron Dalton has called on the banking industry to include extra checks to prevent SIM Swap fraud.
According to guidelines from the European Banking Authority, banks and payment service providers must use at least two-factor authentication for complex transactions such as payments. If SMS is part of this, it has been suggested that the provider should deploy extra context checks such as divert detection, location-based checks using GPS, and SIM Swap detection via the contact centre.
Mobile banking customers may be at risk of financial fraud if banks continue to use SMS alone to send one-time passcodes to mobile devices in order to authenticate transactions.
“The industry is of course nervous about making the customer journey any more complex or time-consuming, especially since mobile banking apps in particular are designed to fit into modern, busy lifestyles and be quick and easy to use. But context checks to detect SIM Swap attempts can be performed in the background, causing no disturbance to the seamless user experience many banking customers in the UK are used to today,” said Keiron Dalton, Senior Director of Customer Strategy & Innovation at Aspect Software.
“Many banks and PSPs should be rethinking their current online and mobile security processes, as well as reviewing the user journey when using such services. They should also pay attention to any increased risk surrounding channel choice when it comes to authentication processes; is a quick and easy mobile banking app better than a secure one?” Dalton continued.
With thanks to Keiron Dalton at Aspect Software