by John Thielens, CSO, Axway
Ann Carrns’s recent blog post on consumer concerns over mobile banking security reminded me of an idea brought up in Bruce Schneier’s latest book, “Liars and Outliers: Enabling the Trust that Society Needs to Thrive,” which touches on how the human capacity to perceive risk — a capacity that evolved on the African plains hundreds of millennia ago — evolved specifically for a wild, uncivilized environment, not the sophisticated, high-tech universe we find ourselves in today.
Here’s a reality check: Consumers fear the security risks of mobile banking even though the technology is identical to the technology accompanying any banking they do.
In a post-Check 21 world, for example, paper checks are regularly scanned, their originals may be immediately destroyed, and the digital image becomes a legal replacement document that is routinely transmitted through cyberspace.
So where does this consumer fear come from? I think it originates a little closer to home than the technology that enables mobile banking — because the truth is that most attacks in cyberspace aren’t on the core technologies or cryptography underlying the system, but rather on the people who touch the system. So the biggest risk involved in online and mobile banking is the fact that you haven’t changed your online banking password in six years, you don’t have a PIN protecting your phone, and you gave your ATM PIN to your assistant or kid so they could withdraw money!
If any behaviors should give us pause, it’s these kinds of “careless” security behaviors, practiced by individuals themselves.
So, here’s the plan: Protect yourself, take care of your credentials, and don’t share passwords with anyone. Then relax and watch your online risks — including your banking risks, mobile or otherwise — diminish considerably.