Financial technology companies in the Philippines including electronic wallets, digital banks and payment service providers should enhance the security of their mobile apps and safeguard consumers against rising threats of fraud and theft, according to a mobile security expert.
“Our message is that the brands themselves have a responsibility for creating a safe experience for consumers,” Chris Roeckl, chief product officer at Appdome, a US-based cyber defense automation platform in the mobile economy, said during his presentation at the 2024 CyberSecPhil Conference held at the Fifth, Rockwell in Makati City on Jan. 24, 2024.
A survey commissioned by Appdome showed that 76.7 percent of Filipino consumers reported increased mobile app usage over the last 12 months, with a notable surge in e-wallet adoption.
Filipinos also ranked second in the 2022 Global Crypto Adoption Index among the most active cryptocurrency nations, showing a particular interest in blockchain games like Axie Infinity, where 40 percent of players hail from the country.
Apart from e-wallets and blockchain games, Filipinos are frequent users of digital lending apps, dedicating considerable time to them in 2022. However, with innovation comes risks, and financial apps are particularly vulnerable to fake apps/app tampering, overlay attacks and private crypto key theft.
Roeckl noted the challenges faced in a mobile-first country. “We’re in a mobile-first country, and everybody lives and breathes the mobile experience. Unfortunately, bad actors see this popularity, and the attack surface is of interest. So the challenge is, how do we collectively, as an industry, help protect the user experience, as well as the mobile brand itself?”
He said that over the past few years, bad actors have intensified their focus on malware and fraud techniques to compromise financial data. Roeckl pointed out recent threats such as accessibility service attacks, where malware is embedded into apps to collect sensitive information, and account takeover, where bad actors target the brand’s network infrastructure for the same purpose.
These malicious players specifically target financial apps, online bank services, electronic wallets, travel bookings, delivery services and apps involving heavy transaction volume, Roeckl said.
The Appdome survey involving 75,000 consumers revealed a high level of frustration among respondents, with consumers expressing a willingness to stop using an app if they suspect it is not secure.
Roeckl said brands, whether banks, fintech apps or e-wallets, should take the initiative to provide a secure app experience. He said that consumer trust is crucial for business success and that implementing security measures in a beneficial way is essential.
Appdome, with over 20 security researchers, continuously monitors mobile apps for new threats, reinforcing the message that ensuring a safe experience for consumers is paramount, he said.