Banks aren’t the only ones interested in having secure applications. In fact, they’ve not even alone in deploying secure applications for payments and mobile wallets. To serve this expanding market, mobile operators and device manufacturers are likely to attempt to differentiate their offerings through their respective security models.
Accordingly, a proliferation of new form factors that accentuate security and privacy is likely. This trend should afford financial institutions with an opportunity to forge useful new partnerships.
Already, some customers can order devices with security software pre-installed or available through a six-month free trial. “Network operators and handset manufacturers are enabling people to download and install security software to police and monitor their handsets to ensure there isn’t any snooping,” says ABI Research’s John Devlin. “A relatively small proportion of phones have that.”
Banks might extend upon the pre-installation approach by having their own mobile applications pre-installed on new smartphones. These applications may work in concert with other new technologies that bolster smartphone security at the device level. “There are moves from various hardware and semiconductor companies to improve security by creating a trusted execution environment,” says Devlin. “You can create closed areas on the processor that can prevent other software applications from being able to access, spy, or report on any data that’s happening in those secure applications, effectively putting in a firewall.”
Phones designed and built according to the NFC (Near Field Communication) standard can also ratchet up security by communicating with a separate token device, such as an NFC-enabled smart card, for an added layer of out-of-band communication. These phones would be capable of working with various point-of-sale schemes involving NFC, and banks would certainly have an interest in being involved in those transactions as well. Furthermore, the same security that governs the NFC chip would also be extremely useful for servicing the current generation of mobile banking applications.