Mobile banking mapped to incorrect number

Individuals such as senior citizen or persons who are not using mobile banking can a easy trap. An employee or fraudster can attach his number to the bank account and install mobile application for the same. The bank customer will not be aware as he does not get any notification regarding the same.

Creating fake and non-existent users

Most of the banks appoint a vendor to design a mobile application to be integrated to their banking system.

There are chances that the vendor may create two unauthorised users with rights to initiate and verify transactions, and transfer funds from the organisation to his associates' wallets, effectively stealing money from banks.

Malware

The increase in the number of mobile banking users is accompanied by a rise in attacks through malware.
Malware is a software which is specifically designed to disrupt or damage a computer system.

Data theft

Mass attacks are possible through the theft of credentials which can be used for personal benefits.

SIM swap

SIM swap means replacing the old SIM with a new one, when the old gets lost or damaged, or when one needs a differently sized SIM card.

If a fraudster manages such a swap, he can carry out numerous fraudulent transactions using the mobile number of the victim

Fake or similar interface apps

Fake applications, with exactly the same user interface as the original application, are being created to steal confidential information shared by the user.

Money laundering

Transfer of money into and out of a mobile wallet from or to a bank account is now possible. Cash-in from the bank account of an individual and cash-out to a different bank account of another individual can be used as a platform for laundering unaccounted money.

Unauthorised deductions from the wallet of a customer

Employees of the mobile wallet service provider may misuse the balance stored in the wallet of a customer by making unauthorised deductions

Failure to conduct proper due diligence of merchants

If the merchant on-boarded by the service provider is a fraudster, and the payment is made by the customer for fictitious goods or services from the merchant, cash can be rotated with minimum transaction fees.

No auto log off facility

An individual usually opens the application on his mobile device for availing of the services and closes the application, instead of logging out.

If the mobile device is stolen or lost and a fraudster opens the application, he can misuse the remaining balance in the service provider's wallet.