As mobile banking continues to grow at an exponential rate, the financial industry is faced with a critical challenge: How to keep user credentials secure without compromising on efficiency. Password-based authentication is still dominant but has major limitations which compromise both security and user experience. These systems are susceptible to the most common attack vectors such as phishing, malware and man-in-the-middle attacks, especially if users are using weak passwords or sharing passwords. Additionally, mobile devices have limited input interfaces that are frequently sources of frustration and error. As a result, there is increasing interest in other more secure and convenient alternatives such as biometric and multi-factor authentication (MFA) to mitigate the inherent weaknesses of password-based systems. This systematic literature review, which covers studies from 2020 to 2025, provides a critical review of biometric authentication methods used in mobile banking. It analyses existing approaches, security risks and implementation practices adopted by major banks across the world. While biometric systems are more secure and user friendly than traditional systems, they also introduce new challenges in terms of privacy, spoofing and regulatory compliance. The review gives a detailed overview of the current advances, key issues, and emerging research directions, which will give valuable insight to the development of secure and easy-to-use authentication systems in mobile banking.
