AT&T Takes Banking Mobile

AT&T brought its customers one step closer to the promise of mobile banking Tuesday when it announced partnerships with BancorpSouth and a number of other banks to offer banking capabilities to wireless users.

Customers of the participating banks who subscribe to AT&T’s wireless service can download a mobile banking application directly to their cell phone. From there, they can view their account balances, transfer funds between accounts, and receive and pay bills, much the way they have long been able to using a home PC.

All information on the application is password-protected and encrypted for security assurance, AT&T officials said.

In addition to BancorpSouth, other participating banks include Wachovia, Regions and Suntrust Bank. The banking application is from Firethorn Holdings, which also acts as an intermediary between AT&T and the banks.

“At BancorpSouth, a key emphasis is on offering our customers convenient, time-saving new ways of managing their money,” said Aubrey Patterson, BancorpSouth’s chairman and chief executive officer. “That is why we were the first financial institution to participate in a trial of mobile banking with AT&T and Firethorn, and that is why we are now making this application available to all of our customers.”

A Step in the Right Direction

“Big developments in wireless often start with a seed,” said Jim Ryan, vice president of data services at AT&T’s wireless unit. “For example, until just a few years ago, text messaging was a novelty, and now it is pervasive and hard-wired into our behavior. We believe that mobile banking will rapidly move up a similar curve of mass adoption with AT&T’s 61 million wireless customers.”

The new application certainly gives new capabilities to wireless customers and brings the U.S. market closer to capabilities already offered in many parts of Asia and Europe, where cell phones are commonly used instead of credit cards or cash. However, the move may be only an incremental step in the right direction.

“What’s really exciting is using cell phones as credit cards to pay for gas, groceries and other purchases,” Allyn Hall, director of wireless for In-Stat, told the E-Commerce Times. “This is only a small step in the right direction. In truth, there’s nothing you can do here that you couldn’t do before, if you had Internet access from your cell phone.”

‘Not Exactly Revolutionary’

The Firethorn software will undoubtedly make mobile banking easier than it was before, but overall Hall said the announcement is “not exactly revolutionary.”

“This is only part of the conversion of the cell phone into a full-fledged financial device — the other part will be using it for actual transactions,” agreed Rob Enderle, principal analyst at the Enderle Group.

Part of the reason other countries are so far ahead of the United States in this respect is because of a “classic American problem,” Hall pointed out. “Unlike countries like Japan, in which companies cooperate on standards and then compete afterwards, here in the U.S. we compete on standards,” he said.

The result is that “in the U.S. we’re paralyzed — we can’t agree on how to share the wealth or even on standards,” Hall continued. “Five years from now we could easily still be stuck in this same place.”

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

How often do you update your passwords?
Loading ... Loading ...

E-commerce Times Channels

How To Tackle Mobile Ad Fraud Before It Destroys Your Brand

Mobile ad spending in 2021 set a record by reaching $295 billion globally, a 23% increase from 2020. This trend will continue in 2022 — with the figure projected to reach $350 billion by the end of this year. The reason? We’re spending more time on our mobile phones. In fact, the average person now spends four to five hours per day on their phones. As of last month, in the U.S. roughly 53% of web visits originated from mobile devices.

The spotlight on mobile shopping has reshaped several industries; e-commerce, in particular. App store spending in 2021 reached a new high of $170 billion, an 18% increase from the previous year. This statistic shows that most consumers prefer to download an app and shop from the comfort of their own homes as opposed to going to a brick-and-mortar store.

Unfortunately, the surge in mobile ad spending in addition to device usage has led to a wave of criminal activity called mobile ad fraud. According to AppsFlyer, in 2019 over $4.8 billion of businesses’ mobile ad spend was exposed to ad fraud — an increasingly common issue affecting e-commerce companies across multiple industries, especially retail.

Let’s talk about exactly what mobile ad fraud is, the various types of mobile ad fraud to look out for, and three ways you can help prevent mobile ad fraud from taking place at your online storefront.

What Is Mobile Ad Fraud?

Mobile ad fraud is any practice that involves defrauding digital advertisers on mobile by using false impressions or fake app installs for financial gain or competitive advantage.

Fraudsters utilize a variety of methods to skim money off several types of mobile ads. Some of these include the use of bots, click injections, click spamming, and spoofing SDKs.

With these techniques, bad actors can use false data to feed off advertisers’ ad spend and sometimes go undetected for a long time.

There Are Multiple Types of Mobile Ad Fraud

When it comes to mobile ad fraud, we can categorize the various types into two main categories: mobile ad fraud via app installation, and mobile ad fraud via user interaction on mobile devices:

Mobile ad fraud via app installation

SDK spoofing, also known as SDK hacking, involves simulating real installs, clicks, and other impressions of an app to the attribution provider. With this technique, fraudsters can create thousands or even millions of fake installs that’ll consume the advertiser’s ad budget.

Click spamming involves fraudsters sending large volumes of fake or low-quality clicks to a mobile measurement partner (MMP) or attribution tool, waiting for an organic install to happen. Once a user installs the app, the attribution meant for the advertiser goes instead to the fraudster.

Mobile ad fraud via user interaction on mobile devices

Pixel stuffing occurs when publishers place an ad in a 1×1 pixel area that is invisible to the naked eye. Although these ads are invisible to the user, they still count as an impression.

Click hijacking occurs when bad actors redirect the click meant for an ad to another ad. By intercepting the communication between the user and the ad, they can steal or hijack the clicks on ads and transfer it to another ad.

3 Ways To Prevent Mobile Ad Fraud

The various forms of ad fraud make it difficult to protect against losing money to bad actors. However, learning how to prevent it offers a fighting chance and helps with early detection.

Maintain an IP blacklist
Certain IP addresses have a reputation of ad fraud due to their invalid clicks and fake traffic sources. Therefore, keep a blacklist of IP addresses you don’t want to interact with your ads. Also, compare your list with newly updated blacklists regularly.

Use an ads.txt file
In cases of domain spoofing, and other forms of imitation, an ads.txt file comes in handy. This file serves as an agreement between you, the SSP, DSP or ad exchange about who has the authority to resell your ads.

Work with verified publishers
Placing your ads on a verified publisher’s website is expensive. But they are more likely to offer your ads some safety and a guarantee from fraudsters, which is more than you’ll receive from a low-budget publisher. Also, you can rest assured the data you’re getting from a verified publisher isn’t skewed.

Implications of Mobile Ad Fraud on Businesses

Mobile ad fraud leading to revenue loss is only part of the story. Great damage can be done to a brand’s reputation by being placed on a blacklist.

When purchasing ad inventory, businesses investigate past and existing records of vendors. They do this to ensure viewability, ROI and safety. An ad campaign that’s explicit or that features unsafe content isn’t something with which your business wants to be associated. Should your company get blacklisted due to reports of inappropriate advertisements, your brand image and reputation could be at stake.

Often, you won’t see the immediate effect of ad fraud — that is, until the damage has already been done. By that point, you may have lost money, and your e-commerce establishment will find it challenging to stay afloat. Or, in the case of being blacklisted, your brand’s reputation may be damaged, taking years to repair. By then, of course, it’s too late.

Publishers and advertisers need to be aware that mobile ad fraud is a substantial threat to the industry. It’s especially vital to keep it in mind as consumers shop more often via smartphones. The earlier both parties work together to help end mobile ad fraud, the better.

Remember, the best defense against mobile ad fraud is to employ preventative measures to protect your business.

Jacob Loveless is CEO of Edgemesh. He has a 20-year career in making things go faster, from low latency trading for Wall Street to large-scale web platforms for the Department of Defense, and is a two-time winner of high-performance computing awards. Today, Loveless runs Edgemesh, the global web acceleration company he co-founded in 2016.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

Related Stories

What’s in Store for Next-Gen Digital Wallets

In this day and age when we are all used to working online with various devices, it is a big plus to have a digital tool to store and present identification and other documents.

The digital wallet has emerged as an app that allows for scanning physical cards and storing payment and other personal information on a device.

Practically every airline today has a single purpose digital wallet app to store boarding passes and other documents, as does every mobile device. The iPhone comes equipped with Apple Wallet, and Google has the Google Pay app which is compatible with both Android cell phones and iPhones.

Identity Proofing Issues

Airline wallets, for example, all use a QR code that serves as an identifier to store information, such as ticket and flight number, date of travel, and seat assignment. But to verify the authenticity of the ticket a passenger presents to board; the airline must look in its backend system to ensure that the ticket is still valid and identity proof the ticket holder via a driver’s license or passport.

The new vaccine passes being issued by states and municipalities to verify Covid-19 immunization face a similar challenge. Those can store information, including vaccination dates and which vaccine the person received, but still require showing proof of identity to verify that the pass belongs to that person who possesses it.

Meanwhile, a restaurant or venue checking a patron’s vaccination status doesn’t also need to know their age, address or whether they’re licensed to drive, wear glasses, or wish to donate their organs.

However, today’s digital wallets don’t offer these options. They simply bind identity to the document presented for verification, such as an airline ticket. This is where identity proofing can provide a killer app to make digital wallets more than just a convenient way to avoid flashing a paper document.

Digital Wallet Checklist

The digital wallet of the future is not about just storing the picture of a document, it’s also about ensuring that scanned documents are valid and provides assurances that it has been issued by a verified source. Therefore, identity proofing must be the cornerstone of any digital wallet.

Biometric support is a key requirement for digital wallets, including fingerprints, facial recognition and live selfies that require users to blink or make other movements to prevent stolen images from being used to hijack accounts and commit fraud.

Digital wallets need to verify and vet every attribute that’s associated with the user’s identity within the wallet, such as the name, address, and date of birth, so that when the user interacts with a service, they can selectively choose to present certain elements of their identity needed to complete a transaction.

The digital wallet should be able to store and encapsulate all identity attributes associated with an individual and present them on as-needed basis.

Security and Identity Assurance

Of course, security is another important characteristic of these new and improved digital wallets. It would be great to say we don’t need to worry about digital wallets being hacked, but as with every other app or device, users need to be concerned about security.

Apart from adopting security best practices to protect the data contained in a digital wallet, developers need to go through a series of certifications to assure consumers that the wallet is certified by one of the industry bodies that organizes identity authentication specifications, such as Fast ID Online (FIDO) or the National Institute of Standards and Technology (NIST).

A wallet should be attested and verified to comply with NIST identity assurance levels or the FIDO specifications of how signatures are validated and vetted. Knowing that a wallet has been certified by a recognized standard body like FIDO or the Kantara Initiative gives consumers the assurance that the wallet they’re using complies with accepted security standards.

Digital wallets should also be compatible with one another. In an ideal world, one wallet should be able to meet all our needs, but the environment is still fragmented, as in the airline ticket example.

Developers need to work with organizations such as the Identity Foundation to ensure that all digital wallets are interoperable with each other. That way, they can give consumers a choice of using any wallet they want, as long as the identity documents that contain it can be shared and verified by other technology platforms.

Conclusion

Digital wallet technology clearly represents the future for transacting business online and in the physical world, and for enabling users to take control of their privacy and the information they want to share with service providers.

To meet these requirements, the current generation of single purpose digital wallet apps need to evolve to support multiple use cases and be interoperable with more than just one or a select group of companies.

Rohan Pinto is CTO of 1Kosmos. He previously architected security infrastructure for the Government of Ontario and the Health Information Access Layer for the Province of British Columbia, and is involved in establishing the United States Department of Defense's Security Access Layer using Common Access Cards (CAC). Rohan is also an active member of the Decentralized Identity Foundation and the FIDO (Fast Identity Online) Alliance.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

Related Stories