itb-au logo
Story image

Wontok: Are e-wallets a threat to society?

17 Dec 2019

Article by Wontok product head Bruce Carney

The history of the humble wallet harks back to ancient times but in recent years, people have increasingly parted ways with this loyal companion as more financial tools are digitised.

Credit cards, debit cards, Apple Pay and more - these are just some of the new ways to buy goods.

Even government services such as driver's licences – as evidenced in New South Wales, Australia recently - have gone electronic courtesy of apps.

There’s no doubt that smartphones have become omnipresent – nearly 90 percent of Australians own one, according to Deloitte.

The same data shows that the average Australian spends three hours a day on their device, using it for business and leisure, and our love affair with apps and all things mobile show no signs of abating.

With a few taps, we could own the latest high-end fashion accessory or purchase a car.

We walk around with virtual banks in our palms, making seamlessly transactions across borders.

According to Roy Morgan research, mobile banking is the most rapidly growing way to bank; it has the highest levels of customer satisfaction at 89.3 percent compared with internet banking (87.7 percent), phone banking (77.2 percent) or banking at a branch (85.2 percent).

While the smartphone is today akin to a ‘new-age cash register’, it has proven to be a handy vehicle for criminals.

A global KPMG survey of 43 retail banks, including eight Australian major and regional banks, found that Australia was a prime target for scammers who were increasingly using banks as a launchpad for sophisticated fraud attempts.

It found 177,000 scam reports in Australia last year costing half a billion dollars, compared with 85,000 scam reports in the US and Britain combined.

The findings come as no surprise – I (and probably millions of other people) were only recently the target of a phishing scam purporting to come from National Australia Bank.

A text message from a seemingly legitimate sender issued a simple warning: “Nab Alert – We have detected a potential issue and blocked your Internet Banking. Visit <LINK> to confirm your device.”

I’m not a NAB customer and immediately knew it was a scam but how many actual clients would have fallen for it and clicked on the link which looked quite legitimate (not included here as it’s malicious)?

Then there’s the perennial favourite, the Australian Taxation Office.

Like bees to honey, fraudsters love the tax office and often use phone calls and text messages to trap unknowing victims.

The texts range from overdue payment reminders to income tax refund notifications – all welcoming the user to “visit myGov Australian Taxation Office”.

Mobile security threats have evolved or vastly improved, one might argue, ever since the first mobile phone virus was uncovered in 2004.

Fast forward to 2019 and we find malware disguised as a personalised keyboard app.

Once launched, the app called Ai.type would launch landing pages in the background and automatically subscribe to premium data services, for example.

Criminals are getting increasingly creative but they are fundamentally tapping into our behaviour – people fall for hoaxes and scams not because they’re stupid, but the way they process information and arrive at beliefs, Syracuse University professor Whitney Philips says.

Professor Philips says that when confronted with new information, people don’t always do what’s logical and make decisions based on merit.

Rather, we tend to make snap decisions based on “how information adheres with our existing world views”.

She explains that if a particular narrative resonates with a person, it doesn’t matter if it was untrue as that’s not how belief works.

Computer network and security experts refer to the phenomenon as “Dancing Pigs”, a term coined by computer scientist Edward Felton in 1999 where he stated: “given a choice between dancing pigs and security, users will pick dancing pigs every time.”

When designing mobile experiences, Mozilla’s Security Best Practices Guide says, “many of our potential users are inexperienced computer users who do not understand the risks involved in using interactive Web content. This means we must rely on the user's judgement as little as possible”.

Gordon Pennycook, a behavioural science assistant professor at Canada’s Regina University, told Wired the brain “is set up to give us easy answers… so if there's a hoax that appeals to people's emotions or intuition, it's going to trick people, because a lot of people just don't spend that much time thinking about the things that they see on social media.

“Social media is partly to blame, too, because it's set up to drive engagement, and that engagement often comes at the cost of shutting off people's brains a little bit.”

Having a virtual bank in your hand, coupled with fraudsters understanding of how gullible we can be, is a potent combination.

As we usher in a new year and prepare to bid adieu to the humble wallet, perhaps people should adopt the New South Wales lifesaving initiative of Stop, Revive, Survive – refrain from immediately reacting to text messages and too-good-to-be-true offers of rewards and refunds.

Just stop, take stock of what’s in front of you, and then decide what to do.

Criminals are banking on people’s need for instant gratification – let’s not let them win.