While many banks claim to adopt a mobile-first strategy, they often tie their mobile apps to internet banking during activation and customer onboarding. Initially, this was a functional concept, as mobile banking existed as an auxiliary channel to internet banking. Webinar Recording: https://www.youtube.com/watch?v=pybyvAWFVOQ&ab_channel=SMEBankingClub However, as user adoption of mobile banking has grown, attackers have increasingly targeted activation and onboarding processes. Fraudsters use internet banking as their self-care system: Since internet banking is available online and to anyone with an internet connection, it’s a handy hacking console that attackers routinely use to cause damage. By efficiently hijacking mobile banking activation and onboarding via internet banking, attackers pair victims’ accounts to their devices. They then gain complete control over the customer’s bank account and can steal both their money and pre-approved loans, leaving an audit trail that’s difficult to investigate. The solution to this problem is for banks to genuinely become mobile-first through rethinking their mobile onboarding process. Financial organizations can ensure better customer verification and prevent financial fraud through mobile personal identification (such as a document scan) and genuine presence check (using server-side facial biometrics). At the same time, banks should aim to use customers’ official government identity as input to the process and propose legislative changes to enable such access.