Security factors that financial institutions must take into account include mobile malware, mobile software/app assurance, application and OS trust management, data protection, and identity and access management, according to IDC Financial Insights. Tactics banks should consider include mutual authentication approaches that incorporate multi-factor, multi-layered security techniques, such as online banking transaction confirmations via SMS or call back.
Banks have to balance the need for security with the important need to provide a usable experience for the customer. “If it’s too hard, no one will use it, and if it’s too easy it might be insecure,” said Drew Sievers, cofounder/CEO of mFoundry, San Francisco. “In the mobile category, it’s important for a bank to use a solution that has multiple factors of authentication, leveraging something the customer knows like a special mobile PIN, and something the customer has like their phone.”
For more information, read the article in Mobile Commerce Daily: http://www.mobilecommercedaily.com/2011/04/21/financial-institutions-must-address-security-concerns-in-mobile-banking-and-payments