Mobile Banking Security – Think Beyond the Device

Industry Transformations3 minutes readAug 28th, 2013

In 2011, the sale of smart phones topped 488M units which beat PCs worldwide for the first time. There are now over 1 billion smartphone units in use worldwide, and the next billion is expected within 3 years. Mobile banking is more than just a flashy add-on. After lower fees, customers’ top priority is for their banks to improve online and mobile banking. Customers want flexibility and control in their banking solution—contacting their bank whenever and however they choose. If the promise pans out, mobile banking will become the primary channel through which customers interact with their banks.

At stake is a top line and a bottom line opportunity of unprecedented size – A pool of nearly 69M U.S. retail customers with smart phones worth over $34B per year in revenue that banks will be vying for if they can deliver on the mobile promise. The other side of the coin is cost reductions. Booz & Co estimates that banks can save up to 20% in operating costs through self-service by preventing calls, shifting calls from agents, and reducing call transfers which could lead to millions in savings each year for a bank.

How are banks preparing for their business and their systems for this shift? Survey after survey reveals that security fear—both from the customer and the bank—is the number one obstacle to mobile apps taking off. The bank that develops delivers and markets a secure mobile channel will have the inside track on the large and fruitful market segment that is currently holding back. To achieve this secure mobile flexibility requires:

  • A well-thought out security strategy for Mobile environment that considers not just the device, but all possible dimensions of security lapses – Devices, Apps, User & Data
  • Segmentation of your customers based on transaction value and the way they interact with the bank. Customize the level of security based on individual customer need. For example, multi-factor authentication might be considered a nuisance by heavy corporate users, whereas a nervous consumer would be comforted by additional layers. For customers with advanced security needs, make their data communication endpoints undetectable on a network, thereby eliminating them as targets for hackers
  • Development of mobile application with robust security practices. For example, making sure that key data or business logic does not reside at the application or device level. This would ensure that cyber thieves does not get easy access to sensitive information
  • Creation of a data-centric infrastructure, where the security and access control is at the data level and not at the device. This would ensure that, any change at the device or user environment will not compromise the integrity of the data.

A secure mobile channel is just the beginning. Tomorrow’s leaders are securing their entire organization for a mobile future.

Tags-   BYOD Mobile applications Mobile Banking Mobility Security