ASSESSMENT OF BANK MOBILE APP SECURITY THREAT (A CASE STUDY OF GTB)

Abstract

This study carries out an assessment of Bank mobile app security threats using Guaranty Trust Bank (GTB) as a case study approach. Data was collected from 102 respondents, and their gender, age groups, professions, usage of mobile banking, reasons for using or not using it, services utilized, visitation of the bank, security intrusions experienced, reporting of incidents, and views on control measures were analyzed. The findings revealed that while convenience and easy tracking of activities were valued by mobile banking users, concerns about privacy and security acted as barriers to adoption. A significant number of respondents reported security intrusions, primarily viruses, Trojans, and worms, highlighting the need for stronger security measures. Additionally, a low reporting rate of security incidents suggested a gap in the reporting and resolution process. Recommendations include enhancing security measures, addressing privacy and security concerns, improving the reporting and resolution process, enhancing training programs for IT personnel, and staying abreast of technological advancements. The study's limitations include a small sample size, reliance on self-reported data, lack of quantitative analysis, and a limited scope. Further research is warranted to validate and expand upon the findings.

CHAPTER 1

INTRODUCTION

1.1 Background

In recent years, the advent of technology has revolutionized the banking sector, leading to the development of mobile banking applications. Mobile banking apps provide customers with convenient access to various banking services, enabling them to perform transactions, check balances, transfer funds, and access account information from their mobile devices. However, with the increasing reliance on mobile banking apps, the security of these applications has become a major concern for both customers and banks. It is essential to assess the security threats associated with bank mobile apps to ensure the protection of customers' sensitive information and prevent unauthorized access.

According to Ayo et al. (2010) the continuous or rapid improvements in Internet technology has brought huge influence on commercial processes and has in particular brought about a model shift in banking activities and services.

In line with global trends, banking business in Nigeria too has been undergoing tremendous changes Since independence in 1960. The first step in the evolutionary process was the gradual deregulation of the financial sector, which commenced in the 1989. Then, in the 1990s the introduction of Automated Teller Machines (ATMs) was considered as the first and most visible piece of evidence of the emerging electronic banking in Nigeria (Abor, 2008). This was then followed by the introduction of Telebanking, PC-banking and Internet-banking. The next imminent step in this evolutionary process inevitably appears to be mobile banking (M- banking). The use of a mobile phone to conduct payment and banking transactions (M- banking) is at an early stage in a number of developing countries. Because mobile banking uses the existing rapidly expanding mobile phone infrastructure, it has the potential to be deployed rapidly and affordably to expand access to financial services among unbanked people.

Mobile banking has gained significant traction in recent years, revolutionizing the way individuals access and manage their financial accounts. With the rapid proliferation of mobile devices, such as smartphones and tablets, banking services have become increasingly accessible to a wider population. In Nigeria, a country with a burgeoning mobile phone market and a large unbanked population, the adoption of mobile banking has witnessed substantial growth (Adeniran, 2019).

According to the Nigeria Inter-Bank Settlement System (NIBSS), the use of mobile banking in Nigeria has experienced a remarkable surge. The number of mobile banking transactions in the country reached over 22 million in 2020, representing a significant increase from previous years (NIBSS, 2020). This surge in mobile banking adoption can be attributed to factors such as the increasing smartphone penetration, improved internet connectivity, and the convenience offered by mobile banking services (Afolabi et al., 2018).

The benefits of mobile banking in Nigeria are multifaceted. It provides customers with the flexibility to perform a wide range of financial transactions, including funds transfers, bill payments, and account balance inquiries, anytime and anywhere. Mobile banking eliminates the need for physical visits to bank branches, enabling users to save time and effort (Onaolapo & Okunoye, 2020). Moreover, mobile banking has played a pivotal role in financial inclusion efforts in Nigeria by providing banking services to the unbanked population and underserved rural areas (Owusu-Frimpong & Karikari, 2020).

However, the rapid growth and widespread usage of mobile banking apps have raised concerns about the security of these applications. Mobile devices are susceptible to various security threats, and cybercriminals are constantly devising new ways to exploit vulnerabilities in mobile apps to gain unauthorized access to sensitive information. Such security breaches can lead to financial losses, identity theft, and erosion of customer trust.

Therefore, this research aims to assess the security threats facing bank mobile apps, with GTB as a case study. By examining the current security measures, identifying vulnerabilities, and evaluating customer perceptions, this study seeks to provide insights and recommendations that can contribute to the development of robust security practices in the Nigerian banking industry.

1.2 Statement of the Problem

In recent years, the use of mobile devices, such as smartphones and tablets, has become increasingly popular for accessing banking services. While the adoption of mobile banking in Nigeria has increased, there is a growing concern regarding the security threats associated with using mobile devices to access banking services. Cybercriminals continually develop sophisticated techniques to exploit vulnerabilities in mobile apps, aiming to gain unauthorized access to users' personal and financial information. These security threats pose a significant risk not only to customers but also to banks, as breaches can result in financial losses, reputational damage, and legal consequences. Therefore, it is crucial to assess the security threats facing bank mobile apps to identify potential vulnerabilities and mitigate risks effectively.

1.3 Objectives of the Study

The main objective of this research is to assess the security threats associated with bank mobile apps, with a specific focus on the case of Guaranty Trust Bank (GTB) in Nigeria. The specific objectives are as follows:

1. To identify and analyze the common security threats faced by bank mobile apps.
2. To evaluate the current security measures implemented by GTB in their mobile banking application.
3. To assess the level of awareness and perception of customers regarding the security of GTB's mobile banking app.
4. To recommend strategies and best practices to enhance the security of GTB's mobile banking app.

1.4 Research Questions

To achieve the stated objectives, the following research questions will guide this study:

1. What are the common security threats faced by bank mobile apps?
2. What are the existing security measures implemented by GTB in their mobile banking application?
3. What is the level of awareness and perception of customers regarding the security of GTB's mobile banking app?
4. What strategies and best practices can be recommended to enhance the security of GTB's mobile banking app?

1.5 Significance of the Study

This study is significant for several reasons. Firstly, it will contribute to the existing body of knowledge on mobile app security threats, specifically in the banking sector. The findings of this study will provide insights into the common security threats faced by bank mobile apps and the effectiveness of existing security measures. Secondly, the study will be valuable to GTB and other banks in Nigeria by identifying potential vulnerabilities in their mobile banking apps and recommending strategies to enhance security. Lastly, the study will benefit customers by raising awareness about mobile app security and empowering them to make informed decisions while using GTB's mobile banking app.

1.6 Scope of the Study

The study will be limited to GTB, one of the leading banks in Nigeria. The research will focus specifically on the security threats associated with GTB's mobile banking app.

1.7 Definition of Terms

To ensure a clear understanding of the research, the following key terms are defined as used in this study:

1.7.1 Assessment

In the context of this research, assessment refers to the process of evaluating and analyzing the security threats and vulnerabilities associated with bank mobile apps.

1.7.2 Bank Mobile App

A bank mobile app refers to a software application developed by a financial institution to enable its customers to access banking services and perform transactions using mobile devices such as smartphones and tablets.

1.7.3 Security Threats

Security threats encompass various risks and vulnerabilities that can compromise the confidentiality, integrity, and availability of data and functionalities in bank mobile apps. These threats can include but are not limited to malware attacks, phishing, data breaches, unauthorized access, and social engineering.

1.7.4 Case Study

A case study is an in-depth investigation and analysis of a specific subject or phenomenon. In this research, the case study focuses on the mobile app security threats faced by Guaranty Trust Bank (GTB) in Nigeria.

1.7.5 GTB

GTB is an acronym for Guaranty Trust Bank, a prominent financial institution operating in Nigeria.