As smartphones increasingly become a nexus for consumers’ financial lives, their value to fraudsters has risen accordingly. Mobile shopping, mobile wallets, and person-to-person (P2P) payments all offer new avenues for fraud, and much of the next generation of authentication solutions flows through consumers’ phones. Although mobile malware is still a nascent threat in Western markets, the potential risk is tremendous as malware operators and fraudster shift their focus from foreign markets to the U.S. Existing malware features have the capability to circumvent the most prevalent authentication methods used in the U.S. This necessitates that financial institutions begin securing apps and adapting authentication to address the threat of mobile malware before it fully migrates to Western markets.

Key questions discussed in this report: 
  • What level of risk does mobile malware currently pose to mobile banking, payments, and commerce?
  • How will this risk change over the next several years?
  • How do existing mobile malware features compare against authentication and security strategies employed by financial institutions and merchants?
  • What behaviors leave users most at risk for mobile malware infections?
  • What measures can financial institutions and merchants take to most effectively protect their users from mobile malware?

Consumer data in this report is based on information collected in a random-sample panel survey of 5,028 consumers conducted in November 2016. For questions answered by all 5,028 respondents, the maximum margin of sampling error is +/- 1.398 percentage points at the 95% confidence level.