Mobile app security is a consumer right

The shift towards mobile apps to cover all the bases in our everyday lives, from health and fitness trackers and shopping to movie streaming and banking, is an unstoppable, albeit very welcome force. Smartphones are nothing without the ability to dip into an app-store, browse for a while, and download a new tool or something to keep us challenged or entertained.

Millennials and the GenZ cohort, in particular, see both their working and personal lives through the lens of their phones. They know no different. But when it comes to the security of their mobiles and the apps they use, recent studies seem to indicate a conflict.

Research carried out by F5 Networks in the US and the UK’s YouGov found that less than half of those aged 18-34 in the Asia-Pacific region prioritised the functionality of an app over its security features. It was the opposite for older respondents. The study, which they titled ‘The Trade-off Between Security and Convenience’, said that while millennials were aware of the risks of potential data security, they are less likely to be concerned about them. Indeed, 32% would even continue to use an app when data security is compromised.

Conversely, a Vocalink report ‘The Millennials influence in Asia’, which looks into attitudes to payment processes and apps, says that while millennials in South East Asia are already embracing mobile payments they also indicate significant concerns about the security of this channel, and an appetite to address these through enhanced verification tools. Interestingly, however, the report found that two-thirds or more in the countries surveyed would prefer to see fingerprint verification replace signature or PIN to pay by mobile and by card, while other options, such as eye scans, facial recognition and voice to pay are each less preferred. The message is clear, all of those methods represent a better, more convenient choice than signature or PIN.

Of course, not all apps represent a security threat. But for those of us developing tools that require the input and storage of sensitive personal data, it is important that we take our responsibilities seriously. The onus should not be on our customers, but on our technology, to ensure that security is built-in at the heart of our apps. The legitimate use of data is important to ensure mobile services can be personalised, but reassurance needs to be provided regarding how much of it is used to track customer activity, and how it is handled.

In our KoverNow app, we utilise 256 bits encryption, and what this means is the highest level of encryption for customer data that passes between the app and the back-end. Once it is in the back-end, the data, including details of the insured items in the Vault, is stored on a secure cloud. When we request data, it is decrypted, but we only capture basic details from our customers before they are transferred to an underwriter with another form of encryption. We are strictly governed in Singapore, where our app is currently available, by SingPass, every Singapore resident’s trusted digital identity, which enables easy and secure access to our services.

This process means that our customers can be sure that their data is protected and more importantly, they don’t have to choose between security and convenience. They can have both, without any compromises.