Bank Systems & Technology is part of the Informa Tech Division of Informa PLC



12:11 PM
Beau Woods, Dell SecureWorks

6 Ways to Secure Mobile Apps

As more and more consumers adopt mobile banking, hackers will begin targeting mobile devices with increasing frequency.


While mobile banking applications are becoming the wave of the future, if not constructed securely, they could allow hackers to hijack your customers' accounts. But that doesn't mean you should forgo mobile banking.

When designing a mobile banking application, developers need to consider not only the application's functionality and usability but also its security. Essentially, today's smartphone is just a small computer. Thus, as more and more consumers adopt mobile banking, hackers will target the mobile device. There are six security best practices that banks should follow when developing mobile applications:

1. Make sure your organization or outside development firm uses seasoned application developers who have had secure-coding training and use a secure software development life cycle (SDLC).

2. Follow the guidance suggested by the Federal Deposit Insurance Corp. (FDIC FIL-103-2005) regarding authentication in an Internet banking environment. The guidance describes enhanced authentication methods, such as multifactor authentication, that regulators expect banks to use when authenticating the identity of customers using the bank's online products and services.

3. Make sure that you require the customer to re-enter his or her credentials after a certain time period to prevent someone other than the mobile device's owner from obtaining access to private account information.

4. Hire an information security expert to assess the security around your mobile application servers. Unfortunately, a bank's servers are often overlooked during a risk assessment, as they require a specialized skill set to test them.

5. Encrypt sensitive data that is stored on a mobile device and account data that travels from the handset across the Internet. Ensure that the encryption is implemented properly.

6. Hire a security expert to test the security of a mobile application before you implement it across your customer base.
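Item 3 above, sketched as a server-side check (an added example, not code from the article or from Dell SecureWorks): a session ends after an idle period or after an absolute lifetime, and the customer must then re-enter credentials. The timeout values and the names `SessionStore`, `login` and `check` are assumptions made for illustration.

```python
import secrets
import time
from dataclasses import dataclass

IDLE_TIMEOUT = 5 * 60        # assumed: seconds of inactivity before re-login
ABSOLUTE_LIFETIME = 30 * 60  # assumed: maximum session age, active or not

@dataclass
class Session:
    customer_id: str
    created_at: float
    last_seen: float

class SessionStore:
    """Server-side session table; the handset only holds an opaque token."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._sessions = {}

    def login(self, customer_id):
        # Call only after the customer's credentials have been verified.
        now = self._clock()
        token = secrets.token_urlsafe(32)
        self._sessions[token] = Session(customer_id, now, now)
        return token

    def check(self, token):
        """Return the customer id, or None when credentials must be re-entered."""
        session = self._sessions.get(token)
        if session is None:
            return None
        now = self._clock()
        idle = now - session.last_seen
        age = now - session.created_at
        if idle > IDLE_TIMEOUT or age > ABSOLUTE_LIFETIME:
            del self._sessions[token]  # an expired token cannot be revived
            return None
        session.last_seen = now  # activity resets only the idle timer
        return session.customer_id

def demo():
    """Constructed timeline: an active request, then a long idle gap."""
    now = [0.0]
    store = SessionStore(clock=lambda: now[0])
    token = store.login("customer-1")  # constructed customer id
    now[0] += 120
    active = store.check(token)        # within the idle window
    now[0] += IDLE_TIMEOUT + 1
    idle = store.check(token)          # idle too long: re-login required
    return active, idle
```

Enforcing the timeout on the server means a lost or borrowed handset cannot extend a session by altering the app; the absolute lifetime also bounds a session that is kept busy.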

Beau Woods is Solutions Architect for Security and Risk Consulting Services at Dell SecureWorks (Atlanta).
