Mobile banking threatened by malware

Mobile banking will shortly see significant, large-scale growth, Ovum stated

A report released today by analyst Ovum warns that banks should prepare for malware attacks on mobile devices.

As the devices grow in power and functionality, the commercial incentives for mobile banking increase concurrently, as do the risks.

Graham Titterington, principal analyst at Ovum and the report's co-author, encouraged banks to be proactive.

He explained: “Mobile networks may be intercepted either by breaking the wireless encryption mechanism or by hacking into the wired backbone of the network where encryption is not mandatory under telecommunications standards. IT malware that compromises back-end servers, but is harmless in the wireless environment, may be passed through the mobile banking interface.”

Ovum believes that banks, mobile device vendors and mobile network operators need to co-operate to address the issue. Security measures are needed, but must be sufficiently unobtrusive to not interfere with the user’s experience.

Network vulnerabilities can be avoided by adopting end-to-end encryption of transactions, in addition to any encryption provided by the network operator.

The report recommends that banks offer to reverse payments made in error, even where fraud is not proven.