Today, the average person has more than 35 apps installed and spends over 3 hours a day on their mobile phone. And with phone prices dropping in recent years, more and more people can afford one— an average of more than 1 million new smartphones come into use every day. What does this mean for fraudsters? Opportunity. Here are five reasons why mobile apps are prime targets for fraudsters.
Apps often store incredibly sensitive information. Users keep payment details, home addresses and sometimes even social security numbers on their most frequently used apps. Why? For the same reason you probably store similar information—convenience.
All this personal info is a virtual treasure trove for fraudsters. They can sell the account, make fraudulent transactions and use the Personally identifiable information (PII) to apply for loans. What’s more, users may also have reward points and travel miles sitting in their accounts, which can be directly converted to profits for fraudsters.
It’s a dog eat dog world. Competition for consumer attention is fierce and according to Dimension Data, 84% of companies that improve their user experience see an increase in revenue. For this reason, mobile apps provide extra convenience through features like one-click transactions.
Unfortunately, convenient features that create a smoother experience for the end user often make committing fraud much easier.
Computers and the web environment have been with us for ages. But native app environments are rather new in the grand scheme of things. As such, there’s no common standard for app development and security, unlike web pages with standardized protocols, which is one reason why mobile is the new battleground for fraudsters.
Just as human fingerprints are used to identify humans, a device fingerprint assigns each device a unique identity. The problem is, device fingerprints can be altered quite easily. From complex device tampering tools to simple software and app updates, there are hundreds of ways that device fingerprints can be changed. This makes accurate device identification for fraud and abuse prevention extremely difficult.
While it’s probably no shock that fraudulent apps often come from unauthorized sources, you may be surprised to learn they also creep their way into official app stores.
FaceApp was a popular app in 2019, with celebrities like Lebron James, Drake and others using it to share photos of what they may look like when they’re older. Soon after, it was revealed that FaceApp asked for permissions they didn’t need, for information they didn’t require. Data obtained in this way is often sold to illicit parties or used directly to break into an account.
The point is, fraudulent apps are everywhere and fun apps can be surprisingly dangerous—as fraudsters can access users’ personal data with them none the wiser.
Sophisticated fraud calls for actionable device intelligence. With mobile devices becoming increasingly popular, fraudsters are hungry to take advantage of businesses that aren’t prepared for their malicious tactics. The first step is awareness.
By understanding how fraudsters can exploit apps, businesses are in a much stronger position to build customer trust and provide a safe online experience for their good users whilst also saving millions of dollars in fraud losses and capturing even more in potential revenue. Be aware of how fraudsters exploit mobile apps and use this knowledge to decide your fraud strategy.
