An online forum for thought leaders to discuss the challenges and opportunities impacting the changing world of banking.

« New Chapter in U.S. Core Banking | Main | The Importance of Partnership in Banking »

A Multifaceted Approach to Mobile Security

The mobile channel emerged as the perfect solution for financial institutions in search of a way to extend reach, improve customer convenience and lower operating costs.  That being said, mobile banking may have enhanced customer experience and supported financial inclusion, but it has been dogged by security issues all along. Service providers have to safeguard transactions at three levels – authenticate user identity, protect devices against replication and secure data transmission. While various technologies such as user and mobile PIN, data encryption, limited on-device data storage and multi-factor authentication improved the safety of mobile transactions, they could not be universally applied and hence, excluded a huge number of older or less powerful devices.

With mobile banking morphing into the much larger mobile-payment, involving any number of third parties, the risks got bigger, extending as far as money laundering and terror financing. M-payments, which can be classified as proximity or non-proximity transactions depending on whether the paying and receiving devices are physically located near each other or not, present different security issues. One of the key concerns of regulatory authorities, banks and other service providers is to safeguard stolen instruments so that they cannot be used to perpetrate identity or financial fraud. They are addressing this threat through the use of firmware such as security-enhanced SIM or memory cards. Other measures include better KYC regulation, compliance and identity verification by the banks’ agents.

Although mobile security is making progress, there isn’t yet a "one size fits all" miracle solution mainly because of enormous device diversity. Hence, banks and other financial participants in the mobile transactions chain will have to pursue a multi-pronged approach, at least for some time. Moreover, they cannot go it alone, and will need to collaborate with regulators, telecom operators and technology vendors to ensure that transactions are secured from the regulatory, networking and infrastructure angles.

Posted by Kiran KSR on February 23, 2010 2:53 AM |

TrackBack

TrackBack URL for this entry:
http://www.infosysblogs.com/apps/mt-tb.cgi/971

Comments

Yes, I agree 100% that all the players in the Industry would have to work together to zoom the mobile banking transactions.

Towards this end, I believe Reserve Bank of India, DPSS is doing a wonderful job.

And, another aspect which will aid in the growth of mobile banking transactions will be the launch of the the UID

Posted by: prashantn | March 4, 2010 4:42 PM

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Please key in the two words you see in the box to validate your identity as an authentic user and reduce spam.