5 Critical Strategies for Mobile Banking Security

To the best of their ability, banks need to ensure that their services are available and secured within any mobile phone configuration. Because absolute security is nearly impossible to attain in the mobile world, banks’ back-end systems have to be prepared to detect anomalies and fraudulent activity in the event that a front-end channel has been compromised.
July 20, 2012

5. Defense-Minded Devices: Building a Better Data Fortress

Banks aren’t the only ones interested in having secure applications. In fact, they’ve not even alone in deploying secure applications for payments and mobile wallets. To serve this expanding market, mobile operators and device manufacturers are likely to attempt to differentiate their offerings through their respective security models.

Accordingly, a proliferation of new form factors that accentuate security and privacy is likely. This trend should afford financial institutions with an opportunity to forge useful new partnerships.

Already, some customers can order devices with security software pre-installed or available through a six-month free trial. “Network operators and handset manufacturers are enabling people to download and install security software to police and monitor their handsets to ensure there isn’t any snooping,” says ABI Research’s John Devlin. “A relatively small proportion of phones have that.”

Banks might extend upon the pre-installation approach by having their own mobile applications pre-installed on new smartphones. These applications may work in concert with other new technologies that bolster smartphone security at the device level. “There are moves from various hardware and semiconductor companies to improve security by creating a trusted execution environment,” says Devlin. “You can create closed areas on the processor that can prevent other software applications from being able to access, spy, or report on any data that’s happening in those secure applications, effectively putting in a firewall.”

Phones designed and built according to the NFC (Near Field Communication) standard can also ratchet up security by communicating with a separate token device, such as an NFC-enabled smart card, for an added layer of out-of-band communication. These phones would be capable of working with various point-of-sale schemes involving NFC, and banks would certainly have an interest in being involved in those transactions as well. Furthermore, the same security that governs the NFC chip would also be extremely useful for servicing the current generation of mobile banking applications.

[Next: Recommendation: Think in Terms of Strategy, not Compliance]

Bank Systems & Technology encourages readers to engage in spirited, healthy debate, including taking us to task. However, Bank Systems & Technology moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing/SPAM. Bank Systems & Technology further reserves the right to disable the profile of any commenter participating in said activities.

Disqus Tips To upload an avatar photo, first complete your Disqus profile. | Please read our commenting policy.
< Previous1 2 3 4 5 6 7 8 Next > 

< Previous1 2 3 4 5 6 7 8 Next >