With 86 percent of American adults owning a mobile handset, mobile banking is poised for explosive growth, research suggests.

Currently, 36 million adults are using mobile banking, with "smartphone" users—18 percent of Americans—being the heaviest users, but by 2014 that number is expected to grow to 99 million adults, says a new study by San Francisco-based Javelin Strategy & Research.

Javelin says the growth of mobile banking will present new risks and opportunities in authentication—or helping protect consumers by confirming their identity—and those financial institutions that combine affordability, consumer usability, and effectiveness will have the greatest advantage.

In August and September, Javelin polled 2,000 consumers to gauge their perceptions of mobile banking and corresponding authentication security methods. It measured ease of use, effectiveness, and high-risk authentication.

Its research showed that, for ease of use, six of 10 respondents preferred simple authentication methods such as image recognition. Security questions came in a close second, with 59 percent ranking that method easy to use. In contrast, just three in 10 respondents ranked biometrics as easy to use. In this context, biometrics refers to the automated recognition of a person based on their behavioral and biological characteristics, such as from their fingerprint, retina, facial geometry, or voice.

For effectiveness, simple security questions—or knowledge-based authentication—was ranked highest in effectiveness by 65 percent of survey respondents.

For high-risk authentication, respondents ranked an additional security question as the preferred method, with three in 10 trusting it as their method of choice.

"Mobile banking is a convenient new channel that is enjoying widespread adoption," says James Van Dyke, president of Javelin. "While there are obviously new critical risks, this 'always-on' channel for monitoring finances can also manage risk across all other channels. A multilayered approach to authentication provides the most effective means of mitigating fraud while improving upon the consumer experience."

While mobile banking comes with risks, mobile authentication can help reduce the risk of fraud across all banking channels, from ATM to branch, Javelin says. Collectively, new-account and existing-account identity fraud adds up to $48 billion, with an average per-victim cost of nearly $550.

The two most promising authentication technologies are mutual authentication and device recognition, which provide substantial protection while also offering ease of use. Mutual authentication also is called two-way authentication and is a process or technology in which both entities in a communications link authenticate each other. In a network environment, for example the client authenticates the server, and vice versa. In this way, network users can be assured they're doing business exclusively with legitimate entities, and servers can be certain that all would-be users are attempting to gain access for legitimate purposes.