
Mobile Banking

Mobile Banking. By: Chenyu Gong, Jalal Hafidi, Harika Malineni. Background. According to Forrester Research, approximately 46% of bank accounts will be in mobile format by 2017. Definition: Conducting financial transactions through mobile devices. Three types of mobile banking


Presentation Transcript


  1. Mobile Banking By: Chenyu Gong, Jalal Hafidi, Harika Malineni

  2. Background • According to Forrester Research, approximately 46% of bank accounts will be in mobile format by 2017 • Definition: Conducting financial transactions through mobile devices. • Three types of mobile banking • SMS Mobile Banking • Web Banking • Mobile Applications • Need multi-layer controls

  3. Risks Internal External Security Authentication Unauthorized system access • Security • Employee fraud • Lack of maturity of fraud tools and controls • Privacy violations relative to application collection and distribution of data • Reputation

  4. Confidentiality Risks • Employee fraud • Authentication • Transaction • Privacy • Application collection and distribution of data • Phishing Attacks

  5. Integrity • Manipulation of Data • In Use • In Transit • At rest

  6. Availability Risks • Maturity of wireless infrastructure • Service interruption (uptime/downtime) • Natural disaster • Hardware and operating system failure • Targeted attacks, e.g. DDoS

  7. Other Risks • Complexity of the network • Multiple players involved in the attack • Affects all (C.I.A) • Security of the operating system of the device

  8. Controls • One-Time Password / Security Token • Strong BCP / DR plans • Segregation of duties • Penetration testing for vulnerabilities • Monitoring to detect anomalies • Deployment of communication security measures • Firewalls, password management, encryption techniques, and proper authorization of end use • SSAE 16 to validate third-party operations • Customer awareness program • Email alerts / Liability agreements • Periodic external audits • Mobile malware protection • Pending transactions / Clearing period.

  9. Residual Risk • Inactive/dormant accounts

  10. Questions??
