by clicking the arrows at the side of the page, or by using the toolbar.
by clicking anywhere on the page.
by dragging the page around when zoomed in.
by clicking anywhere on the page when zoomed in.
web sites or send emails by clicking on hyperlinks.
Email this page to a friend
Search this issue
Index - jump to page or section
Archive - view past issues
Connexus : Issue 36
Smartphone security Abacus research indicates that the mutual sector is ready to embrace smartphone technology, with about half of respondents to a survey last year saying they intended to introduce it for mobile banking services in 2011. It is misleading to say smartphones are more vulnerable to internet fraud than standard mobile phones. It's more accurate to say standard mobiles are less vulnerable because they are comparatively low-tech. The malware developed to compromise internet banking is very sophisticated and requires the smartphones' high-tech operating system to run on. There are two ways mobile banking on smartphones presents unique risks that need to be considered: physical security and software security. Smartphones are physically vulnerable because customers sometimes share phones and take and leave them in places where they wouldn't leave a home computer or even a laptop. Also, in contrast to the mobiles of old, their theft or loss involves much more than mere inconvenience. It could lead to unauthorised access to a person's bank account and the theft of personal information (people store all sorts of stuff on their smartphone). Of course, customers are particularly at risk if they save their mobile banking password on their smartphone. DETERMINING LIMITS Limiting the functions available via mobile banking is one way to control risk. As a minimum measure, Abacus recommends limiting or disallowing the setting up of new payees for external transfers via mobile banking. Other examples would be to allow only basic transactions and disallowing all external transfers and the changing of personal details. This ensures that the transaction is completed with additional two-factor or single one-time password authentication activated within your internet banking platform. Determining the extent of services available via mobile banking is, however, a business decision each organisation As mobile banking gets smarter, the focus turns to security issues. By Leanne Vale and Rob Crawford Data Action Pty Ltd p:(08) 8201 1000 e:firstname.lastname@example.org TECHNOLOGY