25 May 2017
Visit cib.db.com

Banks must wake up to mobile virus threat - Ovum

06 July 2010  |  13636 views  |  0 Iphone screen close up

Banks offering m-payment services need to start working with mobile network operators and handset manufacturers to improve security in anticipation of increased malware threats, according to analyst house Ovum.

Ovum argues that mobile banking is inherently vulnerable because handsets are liable to be lost, stolen or hacked and are used in situations that are less secure than sitting in an office or at a home computer.

Graham Titterington, principal analyst, Ovum, says: "Mobile networks may be intercepted either by breaking the wireless encryption mechanism or by hacking into the wired backbone of the network where encryption is not mandatory under telecommunications standards. IT malware that compromises back-end servers, but is harmless in the wireless environment, may be passed through the mobile banking interface."

Ovum says defence has to be designed incrementally to a level that is at least equivalent to that deployed in Internet banking but it cannot be a simple copy. While many of the concerns and strategies are similar, the approach must be tailored to the characteristics of the channel and the way in which it is used.

In addition, security must not detract from usability - unobtrusive enough not to interfere with normal transaction flows while still providing users with the confidence to know that their banking activities are protected.

Says Titterington: "Banks must adopt a 'defence in depth' strategy to detect and limit the effects of an attack. Network vulnerabilities can be avoided by adopting end-to-end encryption of transactions, independent of any encryption provided by the network operator.

"The main objection to this in the past has been the limited computational power of the mobile device, but the time has come to reject this argument as mobile devices become more powerful. Encryption, while not a panacea, protects against eavesdropping, message alteration, and 'man-in-the-middle' attacks."

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Wells Fargo extends m-banking app range; offers text banking at ATMs

Wells Fargo extends m-banking app range; offers text banking at ATMs

29 June 2010  |  10134 views  |  0 comments
Soaring mobile payments uptake in 2010 - Gartner

Soaring mobile payments uptake in 2010 - Gartner

22 June 2010  |  10675 views  |  1 comments | 1 tweets
Smartphones to drive European m-banking take-up - Forrester

Smartphones to drive European m-banking take-up - Forrester

27 April 2010  |  9688 views  |  0 comments
NAB ponders voice biometrics for m-banking

NAB ponders voice biometrics for m-banking

26 November 2009  |  15985 views  |  0 comments

Related blogs

Create a blog about this story (membership required)
visit www.niceactimize.comvisit vasco.com/news/PSD2-compliant-solutionsDownload the paper now

Top topics

Most viewed Most shared
Banks must get on AI bandwagon now – new Finextra researchBanks must get on AI bandwagon now – new F...
9352 views comments | 22 tweets | 31 linkedin
Google and PayPal partner for mobile shopping by fingerprintGoogle and PayPal partner for mobile shopp...
9274 views comments | 28 tweets | 28 linkedin
Twins fool HSBC voice biometrics - BBCTwins fool HSBC voice biometrics - BBC
9013 views comments | 21 tweets | 24 linkedin
BBVA launches Open API marketplaceBBVA launches Open API marketplace
8031 views comments | 37 tweets | 59 linkedin
BBVA brings info and payments to social and messaging networksBBVA brings info and payments to social an...
6803 views comments | 11 tweets | 17 linkedin

Featured job

Six Figure Base + Commission + Stock Options
London

Find your next job