International Journal of Science, Engineering and TechnologyAuthors: Anvar Sadath A K, Hafeesa M Habeeb
Abstract: Mobile banking has emerged as the dominant channel for financial services, but its rapid adoption has also made it a prime target for cyberattacks. Despite the availability of strong cryptographic primitives and advanced authentication models, real-world implementations remain plagued by misconfigurations, API vulnerabilities, and human factors. This survey provides a structured technical review across three foundational pillars of secure mobile banking: encryption standards, authentication protocols, and risk mitigation models. We analyze the evolution from legacy schemes such as RSA and SMS OTPs to modern approaches including TLS 1.3, ECC, FIDO2, and AI-driven fraud detection. Comparative analysis reveals that while cryptographic algorithms are robust in theory, weak deployments and usability–security trade-offs continue to undermine resilience. Real-world case studies—including SIM-swap fraud, banking malware (Zeus, Anubis, Cerberus), and OAuth misconfigurations—are used to contextualize threats. Finally, we synthesize research gaps such as lightweight quantum-resistant cryptography, explainable AI in fraud detection, and standardized API security, outlining a roadmap toward globally harmonized, user-centric, and adaptive mobile banking security frameworks.
