Sunday, 21 October 2012
Can banks get security right for mobile banking?
Goode Intelligence (www.goodeintelligence.com) has reported that the mobile banking channel has the potential to be more secure than 'traditional' online banking.
“Mobile devices do create new risks but they can also help to make online banking considerably more secure”, said Ron Condon, report author and senior analyst at Goode Intelligence.
In its new report Mobile Banking Security, Goode Intelligence provides an insight into the current state of mobile banking security. This 50+ page report analyses the importance of security for mobile banking and investigates how banks, with the help of their technology partners, are deploying solutions to prevent fraud and identity theft.
The report shows that there is a great opportunity for banks to benefit from the immediacy that smart mobile devices (SMDs) offer. However, Goode Intelligence believes that there are still significant risks in adopting these exciting new communication channels and that they must be counteracted before consumers confidently accept them.
With the rise in mobile malware and cases of bank Trojans attacking mobile-based authentication solutions, banks must be vigilant and offer their customers a blend of security combined with excellent user experience.
Condon believes that the key to successful adoption for mobile banking services is a stellar user experience: “Heavy-handed security measures can often spoil the mobile user experience. Take authentication. If the bank customer has to use a hardware token to provide strong two-factor authentication (2FA) to access their banking service on a mobile device than this can completely destroy the user experience and lead to frustration. Security must blend in with the mobile banking experience.”
According to Goode Intelligence, banks should adopt a number of measures to ensure that adequate security controls are integrated into the heart of their mobile banking strategy; these include:
• Consider using the in-built features of a mobile device for stronger multi-factor authentication and verification (MFA/MFV), including biometrics, behavioural analysis and geolocation
• Monitor apps stores for any rogue apps that purport to represent your company – and kill them quickly
• Introduce a plan for updating mobile banking apps
• Ensure that mobile banking apps are security tested
• Integrate mobile apps with other banking channels, so that security lessons learned in one channel benefit the others
• Educate users about system hygiene when upgrading their handset, and disposing of an old one
Further information about the Mobile Banking Security Insight Report can be found at www.goodeintelligence.com
Goode Intelligence is the leading research, analysis and consultancy organisation for the mobile security industry; providing services to global technology and telecommunications organisations. For more information about Goode Intelligence please visit www.goodeintelligence.com
(EDITOR: There's something that users of smartphones can do to help themselves. Ensure they install antiviral software on their phone.)