As mobile banking use surges worldwide in response to COVID-19 and its associated lock-downs, a corresponding rise in mobile banking fraud continue to increase in prevalence and sophistication.
The December 2020 discovery of an “evil emulator farm” made clear that mobile fraudsters can now automate their processes. As a result, they are able to easily harvest mobile device identifiers, spoof GPS locations, and intercept SMS messages to bypass static multi-factor authentication. Achieving unforeseen levels of scale and speed of operation, these cyber criminals successfully emulate unsuspecting users’ mobile devices and drain millions from online bank accounts in record time.
By modernizing their authentication framework to include secure provisioning and secure channel communication, client- and server-side risk analysis, and continuous session monitoring with risk assessment for strategic planning (RASP) and machine learning (ML), financial institutions can stay one step ahead of attacks.