New FFIEC Mobile Financial Services Guidelines Services Put a Stake in the Ground

According to data from IDC, the worldwide smartphone market is in excess of 2 billion units. By 2017, the smartphone market share will reach 70.5 percent, up more than 10 percent compared to 2013.

In addition to IDC’s findings, the recent “Consumers and Mobile Financial Services 2016” report stated that 43 percent of mobile phone owners perform online banking via a mobile device, up from 39 percent last year. Additionally, 53 percent of smartphone owners use mobile banking.

A Stake in the Ground

It’s evident that consumers expect to interact with services such as e-commerce, gaming and online banking through their mobile devices. As a result, organizations offering new services must keep up with the ever-growing mobile landscape and any associated regulatory guidelines.

The Federal Financial Institutions Examination Council (FFIEC) recently issued guidance that focused on risks associated with mobile financial services (MFS). The publication also emphasized an enterprisewide risk management approach for more effective risk mitigation.

The agency put a stake in the ground, issuing a new set of security guidelines for mobile banking in late April 2016. This was an important update to the organization’s previously released handbooks. With these new guidelines, the FFIEC set the foundation for 24/7 online banking services of all types, including a set of detailed, actionable directives.

Read the white paper to learn how to protect Mobile Financial Services

Protecting Mobile Financial Services

More generally, financial institutions looking into protecting existing and new MFS should consider the following:

  • The main channels for mobile banking, such as SMS messaging, mobile-enabled websites, mobile applications and wireless payments;
  • The risks and potential implications on the various aspects of the offered service, including strategic, operational, compliance and reputational risks;
  • The means of identifying, measuring, assessing and mitigating the risks across all applicable categories, which includes the likelihood and impact of such risks and their potential effect on the service and the organization; and
  • The processes and systems in place to help validate and report whether the offered product or service meets operational expectations.

Financial institutions looking to address the above issues must make sure these objectives can be aligned with their short- and long-term strategic plans. To help address security concerns related to mobile financial services, financial institutions can embed the IBM Security Trusteer Mobile SDK in proprietary mobile banking applications via a dedicated security library for Apple iOS and Google Android platforms.

For more information, download the white paper to see how IBM solutions can help protect mobile financial services and provide effective and sustainable fraud prevention.

Contributor'photo
Assaf Regev serves as the product marketing manager for the web fraud portfolio of Trusteer, an IBM Company, part of...