Mobile Transactions Are Surging—But So Are Mobile Attacks

Posted August 10, 2016

Mobile Transactions Are Surging—But So Are Mobile Attacks

Why ‘I’ll Just Use My Mobile’ Might Make You a Target of Fraudsters

Maybe you’ve said it yourself: “I’ll just use my mobile instead.”

As more of us turn to our smartphones to make everyday purchases, it’s becoming a common refrain.

The fact is, growth in mobile transactions is reaching farfetched levels—up 200% in just the past year. And it’s only picking up speed, bringing unprecedented convenience to consumers the world over.


The problem? According to a new report, all this instant gratification is coming with a price—in the form of a dramatic spike in mobile payment fraud, account takeovers and other cybercrimes that can cost businesses and customers plenty.

M-Commerce Gains Momentum …

According to Mary Meeker’s 2016 Internet Trends Report, the average smartphone owner now spends 4 to 5 hours per day using the one device they virtually never have out of arm’s reach.

As millennials enter their prime earning years, disposable income and a phone-first mentality is expected to propel the growth of mobile transactions to a whole new level.

After all, who doesn’t want the ability to instantly access their online accounts anywhere, anytime—or pay for say, concert tickets, while shopping at the grocery store?

I’m speaking from experience here, by the way: I recently used my mobile phone to score tickets to see New Edition from Ticketmaster’s mobile website, while strolling through Safeway in search of sweet potatoes to go with my Paleo dinner.

Suffice to say, I love mobile technology. The thing is, so does just about everyone else.
According to the ThreatMetrix Q2 2016 Cybercrime Report, 73% of all e-commerce transactions and 51% of all financial services transactions made over the company’s Digital Identity Network now come from mobile devices.

But as the number of these and other forms of mobile transactions continue to rise, so do mobile attacks that exploit them.

…While Mobile Fraud Rapidly Evolves

Through stolen identities, device spoofing or compromised devices, cybercriminals are able to make illegal funds transfers, login to existing accounts, and even create new accounts in the victim’s name (a form of attack that’s up 350% in just the past year).

Together, these were the predominant attack vectors in Q2, providing a strong indication that application integrity, device security and identity verification is getting far harder to control.

Even more troubling: The emergence of bot attacks targeting mobile apps.

This is where cybercriminals reverse engineer a mobile app and use stolen identity data from the dark web to emulate requests sent by the app to an online retailer or bank.

According to the report, the daily percentage of transaction fraud that targets banks and other financial institutions can spike as high as 40%.

So Where Do We Go From Here?

Anyone responsible for online fraud prevention ought to check out the full Q2 report, which includes a host of important findings on the state of mobile transaction security, including:
– Mobile vs. desktop transactions and attacks
– Mobile attack trends
– Bots crossing over to mobile
– Top nations using mobile

In my view, we could all stand to know what “I’ll just use my mobile” really means—and what it takes for businesses to protect themselves, and their customers, from emerging mobile threats.

ThreatMetrix Team

ThreatMetrix Team

close btn