This year will be the year when new mobile banking and payment initiatives will be increasingly targeted by those engaged in fraud and identity theft.
The prediction comes from financial services advisory firm TowerGroup, as banks increasingly view the mobile phone or other device as a potential credit or debit card.
Visa, for instance, is currently conducting trials for mobile payments enabled between a mobile phone and point of sale terminals.
While most mobile phones are potential targets, smart phones and wireless PDAs are particularly attractive to fraudsters given their advanced capabilities to support PC-like applications including web browsing and instant messaging, said the consultant.
From research it has conducted, TowerGroup believes that current mobile commerce initiatives emerging from the financial services industry “lack a reasonable and justifiable focus on mobile malware“.
Bob Egan, an analyst at TowerGroup, said, "The success of mobile banking and payments, as well as the concept of the mobile wallet, will be measured against the industry's ability to effectively contain malware problems to a level that is at least on par with that of the existing internet channel.”
Egan said, “Over 200 mobile viruses have already been identified, a number that is doubling nearly every six months. Now is the time for IT managers and line of business heads within institutions to take action to protect both their companies and customers from mobile malware."
To protect themselves, TowerGroup recommends that firms must create enforceable policies regarding mobile usage, that are communicated to employees, including what type of mobile downloads are safe and allowable.
Wireless carriers serving an institution must also install and monitor mobile safeguards; and the use of personal mobile phones that can be used for corporate activities should be restricted, mirroring the security and protocols now in place for PCs.
Firms must also evaluate which combinations of network and device based security solutions represent the right fit for the institution - and prioritise their deployment.
Egan said, "IT managers must examine extending their existing malware and virus security initiatives to include mobile phones. Likewise, the mobile commerce industry beyond financial services players must step up to take more aggressive and immediate actions to circumvent the potential of fraud and theft.
“To ensure that the mobile banking and payments channel will ultimately thrive, there is no time to waste in getting ahead of the malware challenge," he said.
Comment on this article: [email protected]