“We expect to see a lot more fraud in the next 12 months – muchmore. As more financial institutions issue Android apps, the fraudwill go up,” predicts Amit Klein, manager of the security team atTrusteer, a Boston-based leader in financial services malwareresearch.

Central to Klein's worries are that Google does not (as Apple does)security check apps before making them available for download tophones. Google also does not (as Apple does) require that all appsbe distributed through only one, vetted source (The Apple AppStore, in the case of iPhone.)

“We believe this will be a serious threat,” Klein said. “We arenot seeing Google putting up a good fight against the fraudsters.We are seeing Google doing what Microsoft did 10 years ago whichwas basically the bare minimum. That's not enough; the Androidsecurity model is not strong enough.”

With Google, anybody can upload an app to any site – and thereis where much mischief arises. A huge trending problem is withcyber criminals taking a legitimate app and “repackaging it,” asthe cyber security experts put it. What that means is that malwareis injected into an otherwise legitimate app and it is very easyeven for savvy users to fall victim.

There are no known instances of financial apps being“repackaged” – but there also is no reason to believe mobilebanking apps are immune.

“In the next six to 12 months we will see a lot more financialinstitutions rolling out mobile banking apps and we will also see alot more fraud,” predicted Klein.

Not all mobile security experts are as downbeat as Klein. At Lookout, a San Francisco-based mobilesecurity company, CTO Kevin Mahaffey is adamant that – although theAndroid platform has vulnerabilities – there are also comparativelyeasy fixes such as urging users to install anti-virus apps.

“We know the steps that need to be taken with Android,” saidMahaffey.

Klein, however, remained cautious. “My advice is to wait andwatch what Google does to improve Android security over the nextyear,” he said.