According to data from IDC, the worldwide smartphone market is in excess of 2 billion units. By 2017, the smartphone market share will reach 70.5 percent, up more than 10 percent compared to 2013.

In addition to IDC’s findings, the recent “Consumers and Mobile Financial Services 2016” report stated that 43 percent of mobile phone owners perform online banking via a mobile device, up from 39 percent last year. Additionally, 53 percent of smartphone owners use mobile banking.

A Stake in the Ground

It’s evident that consumers expect to interact with services such as e-commerce, gaming and online banking through their mobile devices. As a result, organizations offering new services must keep up with the ever-growing mobile landscape and any associated regulatory guidelines.

The Federal Financial Institutions Examination Council (FFIEC) recently issued guidance that focused on risks associated with mobile financial services (MFS). The publication also emphasized an enterprisewide risk management approach for more effective risk mitigation.

The agency put a stake in the ground, issuing a new set of security guidelines for mobile banking in late April 2016. This was an important update to the organization’s previously released handbooks. With these new guidelines, the FFIEC set the foundation for 24/7 online banking services of all types, including a set of detailed, actionable directives.

Read the white paper to learn how to protect Mobile Financial Services

Protecting Mobile Financial Services

More generally, financial institutions looking into protecting existing and new MFS should consider the following:

  • The main channels for mobile banking, such as SMS messaging, mobile-enabled websites, mobile applications and wireless payments;
  • The risks and potential implications on the various aspects of the offered service, including strategic, operational, compliance and reputational risks;
  • The means of identifying, measuring, assessing and mitigating the risks across all applicable categories, which includes the likelihood and impact of such risks and their potential effect on the service and the organization; and
  • The processes and systems in place to help validate and report whether the offered product or service meets operational expectations.

Financial institutions looking to address the above issues must make sure these objectives can be aligned with their short- and long-term strategic plans. To help address security concerns related to mobile financial services, financial institutions can embed the IBM Security Trusteer Mobile SDK in proprietary mobile banking applications via a dedicated security library for Apple iOS and Google Android platforms.

For more information, download the white paper to see how IBM solutions can help protect mobile financial services and provide effective and sustainable fraud prevention.

More from Fraud Protection

What’s up India? PixPirate is back and spreading via WhatsApp

8 min read - This blog post is the continuation of a previous blog regarding PixPirate malware. If you haven’t read the initial post, please take a couple of minutes to get caught up before diving into this content. PixPirate malware consists of two components: a downloader application and a droppee application, and both are custom-made and operated by the same fraudster group. Although the traditional role of a downloader is to install the droppee on the victim device, with PixPirate, the downloader also…

Unveiling the latest banking trojan threats in LATAM

9 min read - This post was made possible through the research contributions of Amir Gendler.In our most recent research in the Latin American (LATAM) region, we at IBM Security Lab have observed a surge in campaigns linked with malicious Chrome extensions. These campaigns primarily target Latin America, with a particular emphasis on its financial institutions.In this blog post, we’ll shed light on the group responsible for disseminating this campaign. We’ll delve into the method of web injects and Man in the Browser, and…

PixPirate: The Brazilian financial malware you can’t see

10 min read - Malicious software always aims to stay hidden, making itself invisible so the victims can’t detect it. The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan (RAT) malware that heavily utilizes anti-research techniques. This malware’s infection vector is based on two malicious apps: a downloader and a droppee. Operating together, these two apps communicate with each other to execute the fraud. So far, IBM Trusteer researchers have observed this…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today