Banking Mobile SecurityBy Ericka Chickowski | Print
Smartphones are everywhere, and they are carrying vital corporate data, whether they are secured or not. With the exposure of 150,000 iPad owners' personal data recently, along with new reports that highlight Android security problems, opportunities abound for channel partners that can create a mobile-security practice for business customers.
With so many consumers transitioning to mobile-banking applications, the interest from financial institutions in mobile security is growing. In a report out last week from analyst firm Ovum, industry watcher Graham Titterington noted that the insecurity of mobile devices and the growing computational power of individual devices make the mobile channel a likely risk as an attack vehicle.
"As the ecosystem becomes more diverse, more powerful and complex and more integrated with the IP world" he wrote, "hackers will find ways to attack it and perpetrate fraud. Mobile and Internet banking security communities must work together. Although the means of attack are channel specific, the business level threats are the same.
"As mobile banking services become more powerful, the two channels will move towards being alternative interfaces to a common service. This will create the danger of crossover threats, where weaknesses in one interface may be used to attack the other one."
This will give channel partners a tremendous opportunity to package solutions for financial customers seeking to meet these threats head on. According to Ovum, mobile-security technology areas that will be key for the banking include the following:
- user authentication
- malware detection
- end-to-end encryption
- bank-session monitoring
- blocking of suspect connection
- fraud detection for all transactions
Clearly, all of these are similar to the practices already held dear by financial companies for internet banking--the challenge for partners will be to apply them to the mobile space.