I am currently developing a mobile banking app for a Bank. The concern is how should this app be distributed to the end customers.
There are two school of thoughts:
a) Put the app on the android market and\or other app stores
pros: Bank can target large customer base to download the app.
Bank does not have to go into the hastle of installing download procedures on their website.
cons: Major securing concern regarding phishing attack. At present the bank advises it’s customers not to trust any other URL for banking transaction as they can be a phishing attacks. Hence such a move will contradicts banks stand. The concern will be tomorrow some hacker puts an app with the Banks name and publishes it on some other app-store.
b) Put the app on the Bank’s official website.
pros: No security concern in the form of publishing it.
con: Not very sure?
Kindly advise what will be the better strategy.
Very interesting question. Actually when searching the Android Market, a banking app for my bank based in Holland shows up. It even has a link to the website of that very same bank. Your question made me think, as there is no way to check if this app is actually published by the bank.
Browsing the link to the bank app page, it says the app can be downloaded by texting (SMS) a code to a dedicated number, after which the bank will send you a downloadlink to their banking app. Now I guess that would be a good way of making sure you won’t download a spoof app.