The newest fad among all banks is mobile apps. Every bank is encouraging and promoting usage of their mobile apps for obvious reasons: More intrusion in their customer’s digital life, and push notifications to sell their products.

The intention is no doubt noble, but it also involves threat of identity theft which can severely harm the end user. And the modus operandi of such app-linked theft has now broken new milestones.

Last month, it was found that such new age ‘hackers’ had siphoned off large quantity of money from unsuspecting users of SBI and Axis Bank’s mobile apps. And the most interesting part: these thieves were none other than bank employees.
The Modus Operandi

Last year, several Axis Bank account holders from Mysore and nearby areas complained to police regarding huge amounts of money being stolen from their accounts. When the case was transferred to cyber crime department, they discovered that Axis bank employees were the culprit.

Using fake documents, these employees had created duplicate SIM cards of these customers, and then using LIME app from Axis Bank, they transferred the money to other accounts. Using these fake SIM cards, these culprits siphoned off Rs 25 lakh from these account holders.

Police arrested several people in this matter, including one Deputy Manager of Axis Bank.

After the complaints, Axis Bank has infact stopped operating their LIME mobile app, as they believe the security measures are inadequate.
Telcos Are Also At Fault Here

Issuance of duplicate SIM cards using fake documents is the fulcrum of this whole scam, and telecom companies are equally to be blamed for this fiasco. If they conduct proper security and verification checks, then such SIM cards can never be issued.

Last month, we had reported that Delhi Police wants TRAI to heavily fine such telecom firms, which issues SIM cards without proper verification and checks. Such incidents can be partially avoided, only if genuine SIM cards are issued.
70% Mobile Banking Apps Are Vulnerable

And, even if we assure only genuine SIM cards are issued, hacking and data theft will still prevail as 70% of all mobile banking apps (Android) in India are vulnerable. As per a report by Appvigil, 7 out of 10 mobile banking apps in India are prone to:

Data Leakage
Password stealing
Internet spoofing; and many more serious crimes, which can evaporate your account instantly.

Both banks and telecom firms are equally responsible here, as both haven’t taken such incidents seriously.

But at the end, it’s the end-user who suffers due to these gaps in security.

Do you use a mobile banking app? How do you ensure it’s secured usage? Do share your experiences by commenting right here!