3. Mobile Banking
• What is Mobile banking?
Is a system that allows customers of a financial
institution to conduct a number of financial
transactions through a mobile device such as a
mobile phone.
• SMS banking
4. Mobile Banking
• First European banks
• Implementation of Mobile banking
• Third of banks have mobile device detection
5. Why Banks Going Mobile
• Reasons why banks are going mobile
• 1. Improve customer Service
• 2. Reduce costs
• 3. Increase the reactivity of the company
• 4. Increase market share
• 5. Improve branding
• Bank of America: 500,000 users after six
months, and 1.6 million after a year (Holland,
2008)
6. Why Banks Going Mobile
• Mobile financial services could be more than
successful in rural area
• Add real value to the lives of consumers
7. MODELS OF MOBILE BANKING
ARCHITECTURE
• Mobile phones have three architecture
alternatives when interactive with banks’
mobile banking systems. Each is further
described.
1. Message Based services Model
2. Mobile Browsers Model
3. Client Application Model (app)
8. Message Based services Model
• Message based systems work through text
messaging.
• There are two types of message systems:
SMS and MMS
9. Mobile Browsers Model
• The ability to access the bank’s Internet
banking website from a cell phone
• Advantages:
1. Ease of use and user familiarity
2. Users don’t have to download any
special software
• Disadvantages: risk of confidential information
being at risk as these phones are more subject
to attack
10. Client Application Model
(app)
• Download the mobile banking software onto
their phone.
• Easy to use applications to provide a variety of
services
11. SECURITY THREATS AND
CONCERNS
• Mobile handhelds are compact, portable and
easily lost or stolen
• Security requirements:
1. Confidentiality
2. Authentication
3. Integrity
4. Non-repudiation
5. Authorization
12. Authentication
• There are three forms of identification:
1. What you have (ex. include a debit card
smart card, or your mobile device)
2. What you know (usernames, passwords
or pin numbers)
3. Who you are (requires biometrics)
• Another authentication technique is out-of
band communication
14. Encryption
• 1) Encrypt the information stored on mobile
devices
• 2) Encrypt the communication so that if an
attacker is able to intercept the message it’s
still useless without the key.
• Advanced Encryption Standard (AES).
• The OS and digital signatures