Last week the topic of mobile banking security was raised in a number of forums.

• Unisys issued a report entitled “Unisys Identifies Five Security Issues Likely to Emerge Across Multiple Industries in 2008.” The article specifically identified the #2 security issue in 2008 as, “Banks will face significant challenges in protecting consumers’ data and financial assets as more clients turn to mobile devices to conduct transactions.” The article continued, “Because of the design of near-field technology and the way in which consumers use it, such devices could be open to attacks such as ‘phishing.’” Click to read the full article >>
  
  
• BankInfoSecurity.com published, “Mobile Banking - Is it Ready for Prime Time?” by Linda McGlasson Managing Editor. She writes, “(Nick Holland - Aite Group) describes one vector where mobile phones could be most vulnerable to attack. ‘Where phishing is primarily an attack over email, and it moves the victim to a fraudulent website, with mobile there is very little integrity in any of the channels,’ he says. ‘There are multiple channels users have to be aware of.’”
  
  
• B.I.T.S. Security Forum will be hosting an event on March 6-7 titled “Securing Web-based Business Applications.” Within the agenda one of the primary objectives is described as, “Anticipating innovations in Web 2.0 and mobile technologies that may impact security, fraud and privacy protection in the near future.”

Amidst all this discussion about security, I believe there are two fundamental questions:

1. What are the risks?
2. How do we eliminate and/or mitigate them?

My take:
A major problem mentioned in both articles is phishing. This problem has little to do with encryption, technology, or programatic improvements. The real solution is a well-designed and consistently promoted client-education program. Unfortunately, while this should be a fundamental component of all online products and services, it’s an area that is sometimes overlooked.

And, for the rare occasion when a breach does occur, the financial institution needs to develop and promote a 100% mobile guarantee. According to McGlasson, “Wells Fargo is using the same layered approach in security for mobile banking as it uses in its internet banking offerings. In the mobile channel, Wells Fargo also offers the same 100% online security guarantee to its customers.”

The topic of security is critical and therefore will remain high on our priority list. If you have any thoughts or opinions on the issue, we strongly encourage you to share them by commenting below. However, if you would prefer for your question to remain anonymous, please feel free to send a confidential email to jim@netbanker.com. 

See my previous article here.

Brandon McGee is not only the real deal, a genuine industry insider, but also knows exactly what's on the minds of financial service pros as they contemplate the various mobile options. For more great content, check out his blog, Mobile Banking, and be sure to join BAMA (Bankers Alliance for the Mobile Arena).