News

05:54 PM
Connect Directly
Facebook
Twitter
Google+
RSS
E-Mail
50%
50%

Consumers Looking for Convenience In Mobile Security Measures

Consumers are not taking basic steps for securing their mobile devices, but show an interest in more convenient security methods like biometrics, a new PayPal study found.

Consumers are conducting more mobile commerce transactions than ever, but are still not taking basic steps to ensure security on their smartphones, a survey released today by PayPal and the National Cyber Security Alliance found. But consumers did show an interest in the survey in using biomtric authentication for securing their phones.

The survey of more than 1,000 American consumers, which was conducted by Zogby, showed that more than 25% of them use their mobile phone to conduct shopping transactions on a daily basis. “More people are doing more mobile transactions, and there are more mobile devices out there. And more websites are becoming more mobile friendly,” Andy Steingruebl, PayPal’s director of ecosystem security said about the findings.

Despite the increased number of mobile transactions, the survey respondents often failed to take measures to secure their mobile devices. For instance, the study discovered that more than half of the respondents didn’t lock their mobile phone with a PIN.

[See Related: Employee Training: The Key to Security in Enterprise Mobility]

More than half of the consumers surveyed also expressed interest in using fingerprint biometric authentication instead of passwords for mobile security, the survey found. Using biometric authentication is gaining in popularity because it is perceived that it will be more convenient than passwords, Steingruebl said. “Biometric technologies are becoming more familiar to consumers… and the idea that they will be easier to use will be a huge driver for adoption,” he predicted.

Beyond fingerprint biometrics, 45% of the respondents said they’d be comfortable using retinal scans for biometric authentication, and 41% said they’ be comfortable with photo identification technology.

However, Steingruebl insisted that even with the growing presence o biometric authentication in mobile security, it is still important for customers to take other steps for securing their phones. Customers should still activate a PIN to lock their phone, automate software updates on their phones, enable find your device features for when a phone is lost or stolen and back up their info regularly, he advised.

It is up to companies participating in the mobile market to work together to help make security part of the experience for mobile users so it is more convenient for them to take those steps, Steingruebl added. “We are collaborating with the handset makers so they make their experience encouraging of taking security into account,” he shared. “No one can do [mobile security] by themselves.”

Jonathan Camhi has been an associate editor with Bank Systems & Technology since 2012. He previously worked as a freelance journalist in New York City covering politics, health and immigration, and has a master's degree from the City University of New York's Graduate School ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Byurcan
50%
50%
Byurcan,
User Rank: Author
10/14/2013 | 12:41:42 PM
re: Consumers Looking for Convenience In Mobile Security Measures
Yeah, some consumers may definitely feel self-conscious about wearing the ring.
Greg MacSweeney
50%
50%
Greg MacSweeney,
User Rank: Author
10/14/2013 | 10:45:23 AM
re: Consumers Looking for Convenience In Mobile Security Measures
It is pretty cool, but I'm not sure customers would want to wear the ring. Plus, it is NFC-based, ruling out iPhones.
IvySchmerken
50%
50%
IvySchmerken,
User Rank: Author
10/13/2013 | 1:52:33 PM
re: Consumers Looking for Convenience In Mobile Security Measures
This is cool. Wear Tuit ring on your hand and it communicates with your mobile device. You need to sync Tuit mobile app with the device so uniquely identifies you and unlocks the device. I am not sure if the ring designs will win everyone over, though. Can partner with a jeweler to add some pizazz.
IvySchmerken
50%
50%
IvySchmerken,
User Rank: Author
10/13/2013 | 1:45:39 PM
re: Consumers Looking for Convenience In Mobile Security Measures
I agree, password creation is out of control. It's hard to remember them all. A biometric alternative to passwords could be a more effective and less onerous way to secure devices.
Jonathan_Camhi
50%
50%
Jonathan_Camhi,
User Rank: Author
10/11/2013 | 7:43:45 PM
re: Consumers Looking for Convenience In Mobile Security Measures
Yes education is a big issue in mobile security. But most people are so password fatigued that I think something new and interesting like biometrics could drive some interest among consumers to be more active in securing their mobile devices.
IvySchmerken
50%
50%
IvySchmerken,
User Rank: Author
10/11/2013 | 1:34:00 PM
re: Consumers Looking for Convenience In Mobile Security Measures
I am a Gmail user and it does prompt to enter a mobile phone #. It's surprising that after being hacked people didn't want to use 2-factor authentication. Yes, it's inconvenient but worth the extra few minutes to protect one's bank account. If banks make this mandatory for their customers, people will have to think twice about risking fraud and not being covered by the bank.
Byurcan
50%
50%
Byurcan,
User Rank: Author
10/11/2013 | 12:20:55 PM
re: Consumers Looking for Convenience In Mobile Security Measures
That's probably what it will com to. It's so true that many consumers don't like two-factor auth; I was at a Google cloud summit a few years ago, and one of the speakers was saying whenever a gmail account gets hacked, after the issue is resolved, as company policy, Google always strongly recommends they turn on the two-factor authentication option. Anyway, even after their account has been hacked, I remember the speaker said like less than 5% of people actually utilize two-factor authentication.
Greg MacSweeney
50%
50%
Greg MacSweeney,
User Rank: Author
10/11/2013 | 9:53:11 AM
re: Consumers Looking for Convenience In Mobile Security Measures
Consumers themselves are the largest security risk. We don't like "strong" passwords and we especially don't like two-factor authentication (especially on mobile). Biometrics does make a lot of sense, as long as the consumer can comfortable with the possible privacy issues.

I think it will come to a point that banks will be forced to tell consumers that they must adopt a certain type of secure authentication method (biometrics or something else). And if the consumer doesn't do it, the bank will say something like: "That's OK, but this is your choice and your account isn't as secure as it should be. Unless you adopt the secure technology, the bank won't cover any losses due to fraud."
anon8022647177
50%
50%
anon8022647177,
User Rank: Apprentice
10/10/2013 | 6:22:36 PM
re: Consumers Looking for Convenience In Mobile Security Measures
If you want a convenient way to secure your smartphone, you need to get a Round Tuit: http://kck.st/16PU8NX
Byurcan
50%
50%
Byurcan,
User Rank: Author
10/10/2013 | 12:34:21 PM
re: Consumers Looking for Convenience In Mobile Security Measures
It is the ages-old conundrum about mobile: Consumers loves the convenience, and they want security, but don't want to take security measures that might make the experience less convenient (like using a PIN/password etc). That's why I think biometrics will be the future of mobile security; it doesn't require the lazy populace to expend any further effort.
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Here is what the client expects us to develop...
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.