IT in Banking

Entersekt offers guidance on securing mobile channel amid FBI cautions

US Federal Bureau of Investigation warns that cyber criminals are increasingly targeting mobile banking apps – here’s what banks can do.

Atlanta, USA & Cape Town, South Africa, 29 Jun 2020
Read time 1min 50sec

Entersekt, a global specialist in digital security solutions, today released its updated guidance for financial institutions, Securing the Mobile Banking Channel, a white paper. This follows the FBI warning that an increase in attacks on banking applications by cyber criminals and fraudsters is likely, as consumers stuck at home during the COVID-19 pandemic rely more heavily on these platforms. And, with recent research pointing to a marked distrust in banking communications among banking customers in the United Kingdom, it has never been as important for financial institutions to get the security of the mobile channel right.

“Current solutions to digital fraud have failed to alleviate consumer uneasiness around mobile banking security and have had a negative impact on the user experience,” said Christian Ali, SVP product, Entersekt. “Meanwhile, mobile malware is evolving fast, threatening to make the situation worse. If banks want to protect their customers from account takeover fraud and secure their futures in a disrupted marketplace, they must intelligently reengineer user and transaction authentication on the mobile channel as the first crucial step on that path.”

Entersekt’s free-to-access white paper outlines the opportunities presented by mobile, as well as the new set of threats that arise from it, including the explosive rise of mobile malware, vulnerabilities stemming from poor app design and configuration, weaknesses in mobile device ID, as well as flawed authentication. Importantly, it also addresses the necessary balance of regulatory compliant security and ease of use. In other words, how financial institutions can solve the security and user experience equation.

It then lays out the best practices to secure the mobile channel in order for organisations to take full control over their security. These include:

Avoiding reliance on SMS, OTPs, and native device security;

Harnessing the power of public-key infrastructure on mobile phones;

Building a second, secure channel for user transaction and authentication;

Taking a layered approach to boost security for high-value, high-risk transactions; and

Involving customers in securing their transactions.

Download "Securing the mobile banking channel" here.

Editorial contacts
Entersekt Debbie Visser (+27) 21 815 2800
SVP marketing and communications (Entersekt) Heather Thomps (021) 815 2800
See also