Mobile banking to be targeted by fraudsters

This year will be the year when new mobile banking and payment initiatives will be increasingly targeted by those engaged in fraud and identity theft. The prediction comes from financial services advisory firm TowerGroup

This year will be the year when new mobile banking and payment initiatives will be increasingly targeted by those engaged in fraud and identity theft.

The prediction comes from financial services advisory firm TowerGroup, as banks increasingly view the mobile phone or other device as a potential credit or debit card.

Visa, for instance, is currently conducting trials for mobile payments enabled between a mobile phone and point of sale terminals.

While most mobile phones are potential targets, smart phones and wireless PDAs are particularly attractive to fraudsters given their advanced capabilities to support PC-like applications including web browsing and instant messaging, said the consultant.

From research it has conducted, TowerGroup believes that current mobile commerce initiatives emerging from the financial services industry “lack a reasonable and justifiable focus on mobile malware“.

Bob Egan, an analyst at TowerGroup, said, "The success of mobile banking and payments, as well as the concept of the mobile wallet, will be measured against the industry's ability to effectively contain malware problems to a level that is at least on par with that of the existing internet channel.”

Egan said, “Over 200 mobile viruses have already been identified, a number that is doubling nearly every six months. Now is the time for IT managers and line of business heads within institutions to take action to protect both their companies and customers from mobile malware."

To protect themselves, TowerGroup recommends that firms must create enforceable policies regarding mobile usage, that are communicated to employees, including what type of mobile downloads are safe and allowable.

Wireless carriers serving an institution must also install and monitor mobile safeguards; and the use of personal mobile phones that can be used for corporate activities should be restricted, mirroring the security and protocols now in place for PCs.

Firms must also evaluate which combinations of network and device based security solutions represent the right fit for the institution - and prioritise their deployment.

Egan said, "IT managers must examine extending their existing malware and virus security initiatives to include mobile phones. Likewise, the mobile commerce industry beyond financial services players must step up to take more aggressive and immediate actions to circumvent the potential of fraud and theft.

“To ensure that the mobile banking and payments channel will ultimately thrive, there is no time to waste in getting ahead of the malware challenge," he said.

The Big Question: Do you ever link your gadgets to the corporate network?

Mobile network security

Comment on this article: computer.weekly@rbi.co.uk

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

  • How do I size a UPS unit?

    Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...

  • How to enhance FTP server security

    If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...

  • 3 ways to approach cloud bursting

    With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...

SearchDataManagement

Close