Entersekt CEO, Schalk Nolte, looks at how African banks are responding to mobile security threats and points out that the rest of the world should be taking a page out of their book.
By Schalk Nolte, Entersekt CEO
The growth of mobile banking has surged over the last two years. An October 2015 report from Juniper found that over a billion phone users would have used their device for banking by the end of last year, and expected this number to double by 2020. In fact, the uptake in emerging markets in particular required the company to revise its 2016 predictions to make allowance for the leap in users.
While international companies are certainly looking at the phenomenon and making sure that mobile forms part of their channel to market, many African companies are opting for a mobile-first approach, simply leapfrogging the traditional channel approach.
From a business perspective, banks understand the benefits of mobile banking and are actively driving its uptake. Mobile banking is ubiquitous, it’s self-service and low cost. Juniper has said that a mobile banking transaction costs a forty-third of what an in-branch transaction does, and we have heard some banks say that up to 60 percent of their operational costs go into providing for branch services.
What is interesting, though, is how African banks are placing security at the heart of their mobile strategy. They have good reason to do so. Security breaches threaten to build mistrust towards this innovative and low-cost channel, in turn slowing uptake and the ultimately impacting on the success of any mobile strategy.
According to Kaspersky Lab, the volume of malware targeting mobile users increased three-fold from 2014 to 2015. RSA Online Fraud Resource Center, meanwhile, has estimated that a phishing attack takes place every minute, with one in four of those attacks originating in the mobile channel.
The reality is that hacking has become a commodity. Malware is created and is then sold on the dark web. Attackers move from region to region until consumers catch on or until the market is saturated. Hacking as a Service is now a reality, with hackers even having service level agreements with their customers.
The technology companies that have the advantage are those with a global footprint. They are able to identify and counter threats in one region, and then apply it to all of their global clients, staying ahead of the curve as far as possible.
Security remains high on the global CIO agenda and C-level executives are finally recognising its importance – none more so than leaders of financial institutions in Africa. Securing the mobile channel is mission critical to client acquisition and retention. They understand that if a customer does not feel secure with an institution, they will either switch to another bank or stop using the service altogether.
It’s this understanding of the customer’s needs that really lies at the heart of the African banks’ strategies. If banks want to drive user uptake, nurturing trust must be a priority. If a potential or current user hears of a bad experience, not only are they less likely to try new services, but they may disengage from the banking platform altogether.
And it’s not only the African banks and mobile payments providers that are taking security seriously. African regulators are issuing directives to force banks to implement decent security. Regulators in Nigeria and Egypt are dictating to banks and ensuring that they use two-factor authentication with transaction signing and Public Key Infrastructure (PKI).
The attitude of the African regulators is correct. If criminals broke into a bank and forced a vault open, would the bank’s customers be expected to cover the loss? The same rationale should apply to mobile banking. Demanding a minimum level of security is what regulating for the consumer is all about.
There is no doubt that Africa has the right attitude when it comes to how seriously they take mobile security. All the numbers back up this business decision. Equity Bank is a case in point. Equity Bank’s mobile platform, Equitel, is showing significant growth. The Bank reported that the number of transactions on Equitel had increased from an average of two transactions per customer per month to 21 transactions by September 2015. Moreover, figures released in March this year showed mobile transactions had reached 151 million and that the total number of mobile loans accounted for 78 percent of all the loans disbursed during the year.
Internationally, businesses don’t yet understand the importance of Africa, and many of them wouldn’t even know who Equity Bank is. It’s arguably the biggest bank in one of the most mobile-centric and innovative markets, demonstrating some of the highest growth potential in the world. There is no doubt that international banks wishing to implement a successful mobile strategy would do well to take a lesson from our banks on the continent.