Infrastructure

12:11 PM
Beau Woods, Dell SecureWorks
Beau Woods, Dell SecureWorks
News
Connect Directly
RSS
E-Mail
50%
50%

6 Ways to Secure Mobile Apps

As more and more consumers adopt mobile banking, hackers will begin targeting mobile devices with increasing frequency.

Related: How to Build a Bionic Mobile App

While mobile banking applications are becoming the wave of the future, if not constructed securely, they could allow hackers to hijack your customers' accounts. But that doesn't mean you should forego mobile banking.

When designing a mobile banking application, not only do the developers need to consider the application's functionality and usability, but they must consider the security of the application. Essentially, today's smartphone is just a small computer. Thus, as more and more consumers adopt mobile banking, the hackers will target the mobile device. There are six security best practices that banks should follow when developing mobile applications:

1. Make sure your organization or outside development firm uses seasoned application developers who have had secure-coding training and use a secure software development life cycle (SDLC).

2. Follow the guidance suggested by the Federal Deposit Insurance Corp. (FDIC FIL-103-2005) regarding authentication in an Internet banking environment. The guidance describes enhanced authentication methods, such as multifactor authentication, that regulators expect banks to use when authenticating the identity of customers using the bank's online products and services.

3. Make sure that you require the customer to re-enter his or her credentials after a certain time period to prevent someone other than the mobile device's owner from obtaining access to private account information.

4. Hire an information security expert to assess the security around your mobile application servers. Unfortunately, a bank's servers are often overlooked during a risk assessment, as they require a specialized skill set to test them.

5. Encrypt sensitive data that is stored on a mobile device and account data that travels from the handset across the Internet. Ensure that the encryption is implemented properly.

6. Hire a security expert to test the security of a mobile application before you implement it across your customer base.

Beau Woods is Solutions Architect for Security and Risk Consulting Services at Dell SecureWorks (Atlanta).

Comment  | 
Print  | 
More Insights
Register for Bank Systems & Technology Newsletters
White Papers
Current Issue
Bank Systems & Technology Oct. 14, 2014
Bank Systems & Technology's new Must Reads is a compendium of our best recent coverage of customer analytics. Learn what big data means for banks, meet Wells Fargo CDO Charles Thomas, find out how to connect with your Gen Y customers, and more.
Slideshows
Video
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.