To support financial institutions (FIs) in developing and deploying secure mobile banking applications (apps), e-security solutions provider, Cryptomathic has released a white paper Secure Mobile Transactions Fact or Fiction?. The paper not only details the countermeasures that can be applied against current security threats on mobile devices, but also provides clear direction to FIs on how to create a sustainable mobile app security strategy that is independent of mobile network operators (MNOs).
As FIs continue to expand their services through mobile devices, smartphones are increasingly used to store consumers sensitive payment credentials to facilitate transactions when they are on the move. Cryptomathic explains that this trend increases the risk of malware exploits and malicious attacks on banking apps, which raises much concern from the banking sector about the security vulnerabilities of mobile platforms.
This paper, of interest to banks, service providers and mobile app developers at both a technical and business level, begins by outlining the current mobile threat landscape. This is followed by an overview of the limitations of different mobile platforms and the challenges presented by this evolving environment when creating and implementing a long-term, sustainable security defence strategy.
The document also acknowledges the need of FIs to remain independent from both device manufacturers and MNOs and explains how they can retain control of their mobile app security in order to promote cost-effective, large scale deployments.
The first step in developing a robust security defence strategy to protect a mobile banking app is to understand attack scenarios and the motivations of those behind the attack, comments Peter Landrock, executive chairman Cryptomathic.
Our latest white paper shares this knowledge before providing FIs with the structure needed to build a complete evolutionary security strategy that can respond to the ever changing threats of the marketplace and remain flexible to future requirements. This level of adaptability is vital to ensure mobile payment services are commercially viable and that apps do not need to be extensively altered to support dynamic security requirements.
To download the white paper visit