By: 24 April 2024

74 per cent of smartphone users want a service that allows you to block access to all services simultaneously after the theft of a device

Research shows that security doesn’t match smartphone use

Nuke From Orbit, a UK security startup, has unveiled findings from its latest research report, ‘Evolving smartphone usage and the growing threat to consumers’. The report sheds light on a concerning trend in smartphone thefts, indicating that in 62% of cases in the UK the repercussions extend far beyond the initial loss of the device.

Smartphones aren’t alone in this: the speed of evolution of challenger banks has seen both traditional banks and regulatory bodies at risk of falling behind.

According to the research, not only were respondents’ social media and email accounts accessed, but one in four individuals also fell victim to digital wallet theft, resulting in monetary losses. Alarmingly, the study reveals that one in five respondents experienced compromised personal bank accounts through unauthorised access via mobile banking apps.

The findings come amid the evolving boom in smartphone usage and the growing identity threat that users face. Although smartphones were created to simplify life with their many functions, this convenience has also made consumers more vulnerable to risk in spite of increased security features on devices and apps.

Other key findings from the research include: 

  • 78% of the respondents use their smartphones for mobile banking, 85% for accessing email, 71% for managing social media and 51% for a digital wallet, indicating that cybercriminals can easily access their personal data from a single mobile device.  
  • However, nearly half (45%) are in the habit of using the same PIN to gain access to the phone and multiple apps, services, and bank cards. 
  • 58% are aware that bank cards stored in a digital phone wallet can be used with your smartphone PIN to bypass biometrics. 
  • Three in four (74%) showed interest in a service that enables them to cancel bank cards, block access to banking apps, SIM cards, email, social media and more, all in a single activation.  

James O’Sullivan, chief executive officer and founder of Nuke From Orbit, commented: “Biometrics were introduced to make smartphones more secure because the frequency with which you need to input a PIN is greatly reduced, but our research shows this has led to some complacency. Criminals are returning to old-school shoulder surfing tactics–that made ATMs a nightmare–to access the phones they then steal to commit secondary crimes. As an industry, we need to provide smartphone users with the highest level of protection by harnessing technology for instant data security when their devices are compromised.”

A legislation that will contribute to the fight against such threats is The UK Product Security and Telecommunications Infrastructure (Product Security) Act, which will come into effect on 29 April. The Act will ensure that consumer technology products meet mandatory security requirements to protect against cyberattacks. Businesses-including banks-will be accountable for protecting customer data as the regulation mandates them to set safety measures such as minimum default password requirements and providing information on reporting security issues.

With so much interconnectivity, and even authenticator apps and one-time passcodes utilising the same device, smartphones are at the heart of the challenge this legislation is designed to tackle.

O’Sullivan continued: “The Act is relevant for all businesses in the mobile ecosystem, including banks, fintechs and online service providers. Service providers are responsible for ensuring they do everything possible to protect consumers when the worst happens. Our research suggests that currently, they are not doing enough. Nuke From Orbit is on a mission to support such service providers in protecting the digital identities of individuals and putting them back in control of their data swiftly when their smartphones are stolen.”

Lawrence Brown, senior insights manager at KAM, the research company responsible for conducting the research, added: “Many security measures are preventative, which alongside good user behaviours, decrease the dangers [to consumers] and are, of course, encouraged. However, when reactive measures such as tracking and remote locking software can be disabled after the theft, there is a vulnerability gap that requires additional protection.”

Image: Nuke From Orbit

Robert Welbourn
Robert Welbourn is an experienced financial writer. He has worked for a number of high street banks and trading platforms. He's also a published author and freelance writer and editor.