Article Preview
Top1. Introduction
The recent advancement of fintech technologies allows users to manage financial activities, such as fund transactions and account balance checking, with digital devices (e.g., computers, tablets, smartphones, etc.) that are connected to the Internet. The convenience and effectiveness of fintech have recently resulted in a high penetration rate in the global banking market, i.e., 73% of participants globally use Internet banking at least once a month, compared to 59% who use mobile banking apps (Srinivas & Wadhwani, 2018). In Malaysia, mobile banking transactions increased dramatically, from 13.6 million in 2011 to approximately 936 million in 2020 (Muller, 2021). As fintech promises a transformative service for individuals, enterprises, and governments, the increased frequency and ferocity of cyberattacks have alerted the existential security vulnerabilities, threats, and risks in current fintech technologies. Various electronic authentication mechanisms have been deployed in fintech industries recently; whether these solutions meet the security requirements and technical standards for the fintech industry remains unclear. Several surveys and reviews analysing fintech security threats and risks challenges have been published over the last decade. These existing surveys and analytics on fintech security are chronologically summarised in Table 1.
Table 1.
Chronological summary of previous security analytics and surveys in the e-banking security
| Year | Reference | I | M | Description |
| 2009 | Syamsuddin et al. | ✓ | | A general study of Internet banking security in Indonesia using the analytic hierarchy process (AHP). Focus on the perspectives of management, technology, economy, and culture. |
| 2012 | Subsorn and Limwiriyakul | ✓ | | Comprehensive security analytics of Thai commercial banks that focuses on user and systems information and privacy, authentication technology and security features |
| 2013 | Choubey et al. | ✓ | | A review of user identification techniques in European Internet banking |
| 2014 | Park et al. | | ✓ | Analyses authentication methods of the smartphone banking system in Korea from the security, convenience and cost perspective, and the studied authentication methods are limited to one-time passwords (OTP), Biometrics, and security cards |
| Cheng | ✓ | | A brief security risk analysis of China’s e-banking systems by using the AHP approach |
| Dmitrienko et al. | | ✓ | Focuses on studying the security of two-factor authentication (2FA) by conducting cross-platform attacks |
| 2015 | Krol et al. | ✓ | ✓ | Analyses the usability and perceived security of 2FA in UK banks by using the interview method |
| 2016 | Kiljan et al. | ✓ | ✓ | A comprehensive survey on user authentication and communication mechanisms of internet and mobile banking, involving 80 banks worldwide |
| Althobaiti | ✓ | | Assesses usable security of multi-factor authentication (MFA) in United Kingdom banking by using questionnaires and field tests |
| 2017 | Bucko | | ✓ | Assess Slovakia’s smart banking system from the technological security perspective |
| Sinigaglia et al. | ✓ | ✓ | A survey of authentication methods in Europe banking |
| 2018 | Kiljan et al. | ✓ | ✓ | Analyses the authentication methods during the payment transaction |
| 2020 | Abualsauod et al. | ✓ | | Focuses on identifying the security assurance gaps of online banking in Saudi Arabia |
| Anoud et al. | ✓ | | Analyses the authentication methods of E-banking systems in the United Arab Emirates with different attack vectors |
| 2020 | Sinigaglia et al. | ✓ | ✓ | Comprehensive security analytics that focuses on MFA mechanisms in supporting banking remote payment transactions |
| 2022 | Najam and Butt | ✓ | | A very general discussion on Internet banking |
Note. I = Internet banking, M = Mobile banking