Controls and Expectations with Mobile Banking

A sample of activities that may performed with mobile banking include the ability to transmit payments, check account balances, process account transactions, credit applications and other banking transactions through a mobile device such as a personal digital assistant or smart phone.  Smart phones include devices like Apple's iPhone, phones based on Google's Android operating system and others. This has led to the use of client programs, or apps, downloaded to the mobile device.

The following areas need to be addressed to offer a secure infrastructure for financial transactions over wireless networks:

  1. User ID and password authentication of the device with the service provider before initiating any transactions.  This ensures that only authorized devices are connected to perform financial transactions. 
  2. Ensure the data being transmitted over the air is encrypted, using a strong encryption. 
  3. When the data is stored on the device, this too should be encrypted, and 
  4. The physical security associated with a mobile device and the logical security on a device, which at a minimum would include a user ID and password for authentication.

With the concerns associated with mobile banking, it is extremely important that gateway providers provide an appropriate quality of service for banks and financial institutions.  The provision of service level agreements is a requirement for financial institutions; it is necessary to give the bank customer guarantees that all services will be completed as defined and expected. 

Another challenge for banks is the need to expand their mobile banking infrastructure to handle exponential growth of their customer base, without compromising security.  With mobile banking, the bank customers may be sitting anywhere in the world, so banks need to ensure that their systems are up and running and secure 24 hours a day, 7 days a week.  As customers utilize mobile banking more and more, their expectations will increase.  Banks are expected to meet the performance and reliability expectations of their customers.