Concluding Remarks. We identified a pattern in the development of online banking that seems to rely on three phases, each relating to both technological and adoption trends. In the early adoption phase, banks offer a technologically crude way to conduct online banking that is expensive and not available for everyone. Availability and popularity of online banking increase in the following expansion phase, in which users start to accept online banking because critical aspects are perceived as being satisfactory. Finally, the exploitation phase relies on standardized technologies to make online banking available to almost anyone. The three phases are identified in the development of home banking (using a “desktop” computer), and the first two phases can also be identified in the development of mobile banking (using a mobile device anywhere an internet connection is available). Based on the identified trend, we predict that mobile banking has yet to enter the exploitation phase. In this predicted third phase, Hybrid Mobile Applications that are based mostly on standard web technologies will likely be introduced to reduce the costs of supporting multiple platforms and form factors. For mobile banking, this opens up opportunities for new kinds of scalable malware attacks that are similar to attacks made against home banking. Security is an important aspect in online banking. For home banking, we examined 80 banks worldwide on how they authenticate their customers and how they implemented communications security. We also examined the implemented authentication methods for mobile banking at 66 banks. For user to bank authentication, 75% of the banks offer an authentication method that relies on multiple factors (what the user knows and possesses) for home banking. The possible use of multiple factors was found in 59% of mobile applications and 25% of mobile sites. The adoption of multifactor authentication in both home and mobile banking increased slightly in a 2 year period, and seems to be most absent in North America. While there is not much diversity in the used knowledge factor (either password or PIN), different regions have different preferences for the possession factor. Noteworthy are the wide embrace of offline electronic devices used to generate login credentials in Africa, Europe, and Oceania, and the popularity of a one-time password distributed on paper or plastic in South America. Different possession factors are also used in mobile banking. Use of the mobile device itself as the possession factor is overall most favored. A recent development in mobile banking is that fingerprint-based ACM Computing Surveys, Vol. 49, No. 4, Article 61, Publication date: December 2016. 61:30 X. Xxxxxx et al. biometrics are slowly starting to be offered in alternative authentication schemes, despite that it is trivial to spoof fingerprint sensors embedded in user devices.
Appears in 6 contracts
Samples: repository.ubn.ru.nl, repository.ubn.ru.nl, repository.ubn.ru.nl