التكنولوجيا وأخبارها بوابة الإمارات لتكنولوجيا المعلومات والإتصالات
Entersekt Offers Guidance on Securing the Mobile Channel Amidst FBI Cautions
US Federal Bureau of Investigation warns that cybercriminals are increasingly targeting mobile banking apps – here’s what banks can do
(BUSINESS WIRE/AETOSWire)– Entersekt, a global
specialist in digital security solutions, today released its
updated guidance for financial institutions, Securing the
Mobile Banking Channel, a white paper. This follows the
FBI warning that an increase in attacks on banking
applications by cybercriminals and fraudsters is likely, as
consumers stuck at home during the COVID-19 pandemic
rely more heavily on these platforms. And with recent
research pointing to a marked distrust in banking
communications among banking customers in the United
Kingdom, it has never been as important for financial
institutions to get the security of the mobile channel right.
“Current solutions to digital fraud have failed to alleviate
consumer uneasiness around mobile banking security and
have had a negative impact on the user experience,” said
Christian Ali, SVP product, Entersekt. “Meanwhile, mobile
malware is evolving fast, threatening to make the situation
worse. If banks want to protect their customers from
account takeover fraud and secure their futures in a
disrupted marketplace, they must intelligently reengineer
user and transaction authentication on the mobile channel
as the first, crucial step on that path.”
Entersekt’s free-to-access whitepaper outlines the
opportunities presented by mobile, as well as the new set
of threats that arise from it, including the explosive rise of
mobile malware, vulnerabilities stemming from poor app
design and configuration, weaknesses in mobile device ID,
as well as flawed authentication. Importantly, it also
addresses the necessary balance of regulatory-compliant
security and ease-of-use. In other words, how financial
institutions can solve the security and user experience equation.
It then lays out the best practices to secure the mobile
channel in order for organizations to take full control over
their security. These include:
• Avoiding reliance on SMS, OTPs, and native device security
• Harnessing the power of public-key infrastructure on
mobile phones
• Building a second, secure channel for user transaction
and authentication
• Taking a layered approach to boost security for high-
value, high-risk transactions
• Involving customers in securing their transactions
