1 / 13

Mobile Banking Security

Mobile Banking Security. Joe LoBianco, CISSP, CISM Moderator: Illena Armstrong, editor-in-chief, SC Magazine. Presentation Agenda. What is the current state of mobile computing? What are consumer attitudes toward mobile banking? Is mobile banking secure? What could the future hold?.

ardith
Télécharger la présentation

Mobile Banking Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Mobile Banking Security Joe LoBianco, CISSP, CISM Moderator: Illena Armstrong, editor-in-chief, SC Magazine

  2. Presentation Agenda What is the current state of mobile computing? What are consumer attitudes toward mobile banking? Is mobile banking secure? What could the future hold?

  3. Current State of Mobile Computing Industry is in a state of flux – mobile devices are evolving rapidly

  4. Smartphone Usage Trends Source: Quantcast • What will this look like in 2011? • Does Windows Phone 7 change anything? May 2010 Mobile Web Usage:

  5. Mobile Banking Today 10 Million Mobile Banking Subscribers 22 Million Mobile Banking Subscribers Source: ABI Research

  6. Consumer Attitudes towards Mobile Banking Only 19% of Canadian Consumers feel comfortable with mobile banking Why are the other 81% not comfortable? Source: KPMG

  7. Is this Consumer Attitude Justified? VS. Virtually all mobile threats have originated from fake apps, with little consumer impact

  8. Hacker’s Magic Quadrant Hacker’s Magic Quadrant Easy money Reward/Impact Waste of time Ease of Attack/Likelihood Why spend time on difficult and low return activities when there are easy ones with higher returns?

  9. Today’s Mobile Banking Threats Phishing and fake apps pose a threat to mobile banking Other types of malware have yet to emerge as an active threat

  10. Drive-by Malware In More Depth What is it? Malware that installs without user intervention Why is it such a threat? Users can be infected by visiting legit sites without taking any action Conditions for success: Browsers or web plug-ins with lots of vulnerabilities, preferably found very often Common OS base Common hardware platform As of today, this remains a significant threat for PCs, but not for mobile devices

  11. Bringing it all together... Hacker’s Magic Quadrant Easy money... Waste of time ...

  12. Advice for Security Professionals When doing an assessment of mobile banking: Standard secure development practices Conduct Pen Test & code review Watch out for client side caching of data! Protecting your users: Educate users on fake apps Lock down devices, where possible

  13. Future - what does the crystal ball hold?

More Related