"A Trojan virus in China is striking mobile phone users by intercepting inbound messages and lifting sensitive financial data, according to a story by Want China Times. In particular the malware is impacting third-party payment accounts." Continue Reading

Fraud Prevention: Utilizing Mobile Technology for Authentication & Transaction Verification
"It's no longer just about mobile banking. Mobile technology today is deployed by leading-edge institutions for out-of-band user authentication, transaction verification and to help prevent fraud via real-time security alerts. How can your institution crack down on fraud maximize its mobile investment?"

FBI Issues Warnings Over Mobile Banking
"With smartphone and tablet owners using their gadgets more often to access financial information and authorize transactions, cybercriminals are flocking to mobile platforms. As a result, the Federal Bureau of Investigation has released a bulletin detailing the hazards of mobile malware."

Mobile Functionality or Security?
"Mobile banking is on the rise, with 23 out of the United States' top 25 banks already offering some sort of mobile service. As smart phone and tablet usage grow, banks and credit unions will need to continue implementing and enhancing mobile technology, but they must focus on security and convenience, says Mary Monahan of Javelin Strategy & Research."

Mobile banking security tops 10 security threats for 2012
"While credit unions gear up for what may be radical growth in mobile banking, they also must keep in mind that mobile security is the No. 1 security issue in the list of top 10 computer security threats for 2012, according to McAfee Labs.

Cyber criminals are hacking into all sorts of devices, breaking into to everything from cell phones to car systems, and security threats are escalating and becoming more malicious, said Adam Wosotowsky, senior anti-spam analyst with McAfee (The Motley Fool Jan. 3)."

IDC RESEARCH CONCLUDES HEIGHTENED MOBILE BANKING SECURITY RISKS FOR UK FINANCIAL INSTITUTIONS
"Following research conducted by IDC Financial Insights, Akamai Technologies Ltd has found a widening gap between IT and business in many UK financial services companies that poses grave operational and security risks for mobile and online services. This widening gap is an unintentional consequence of business decision-makers within financial institutions lobbying for new and enhanced digital services and being stonewalled by IT departments fearful of the growing security threat from mobile malware."

Akamai warns of mobile banking security rift
"IT managers for banks are being put under increasing pressure to deliver secure mobile banking products while having to deal with severe budgetary constraints, according to research performed on behalf of Akamai by analyst company IDC."

How to Build a Secure Mobile App
"As is the case with any delivery channel, security is at the forefront for banks as they rush to deploy or enhance mobile banking apps in the fast-growing smartphone market. And while many banks' mobile apps limit customers to basic functions -- checking account balances and transaction histories, finding a branch or ATM location, and initiating transfers -- a new wave of apps is bringing person-to-person payments, remote deposit capture and bill pay to the mobile channel. Simply, the apps are getting smarter and more capable. But with those capabilities comes the potential for greater threats."

Mobile Banking Phishing Malware Comes To Android, Removed From Market
"The international cybercrime ring known as Zbot or ZeuS and the creators of the Zeus toolkit are back, this time targeting Android users. The ZeuS toolkit is bank information stealing malware that has already come to Symbian, Windows Mobile and Blackberry in the form of a trojan. The ZeuS team has created a survey form that installs a malware into your phone once you take the survey that is supposedly from a security company called Trusteer."

Mobile banking apps lead to new security issues
"When it comes to mobile banking via apps, it's pretty clear that security professionals need to embrace a whole new mindset. No longer can they be content to confine themselves to such well-known "technologies" such as Trojans, bots, phishing methods and the like. They need to understand that the emerging face of fraud will offer whole new challenges."

Aussie banks divided over mobile security education
"Some of the big four banks are divided over claims by a National Australia Bank (NAB) fraud specialist that more needs to be done to educate customers about the risks of banking using mobile devices.

Speaking during a roundtable at the Banktech conference in Sydney this week, NAB head of fraud operations and investigations, Grant Baxter, said educating consumers was an "absolute challenge" for the bank because some customers did not understand the capabilities of their smartphone and their handset's level of security."

Mobile Banking Gets Riskier
"'Digital wallets' that let consumers pay with the swipe of a smartphone could make the plastic credit card obsolete. But the technology also could chip away at consumers' privacy—and tempt them to spend more than they otherwise would.

Using a technology known as 'near-field communications,' or NFC, consumers will be able to buy items simply by passing their phones in front of a sensor at the checkout counter. Though NFC isn't available in many phones yet, a number of companies, including Google Inc., are close to rolling out programs."

Jailbroken phones not safe for banking
"Fraud experts have called on the finance industry to consider banning connections to online banking services from jailbroken devices, as the sector struggles to handle rising levels of electronic fraud.

While insecure transaction processes contributed significantly to electronic fraud, financial institutions were fearful of insecure mobile platforms. They were most concerned about users who jailbroke their devices, a process which granted user access to the device's root directory, allowing them to install applications and trigger settings not vetted by Apple."

Safer mobile transactions
"Last week ("More on biometrics") I recommended "biometric recognition as well as using passwords and SMS codes" for more secure mobile banking transactions. Long time reader Patrick O'Kane (he's chief architect for identity and access management services at Unisys) pointed me to a solution that does just that.

IdentityX, from Reston, Va.'s Daon, claims that using your smartphone, it can enable you to securely establish your identity through a combination of encryption, PIN entry, location-based technology, and biometrics such as voice, face and palm image matching. The company further claims that IdentityX is a fully mobile, private and cost-effective solution that allows you to set the level of security for each type of transaction -- thereby tuning the balance of convenience and security."

Mobile Banking Fraud Part #2: Fraud Detection Essentials
"In an earlier post, I discussed vulnerabilities associated with mobile devices that drive up fraud risk for banking and payments made through these devices. These range from malicious apps, to network security issues, to targeted man in the middle attacks. So, what can be done to counteract these vulnerabilities?

One option is to look to fraud detection residing on the mobile itself. You could monitor phone behavior patterns—in terms of calls made, time/day of week patterns, apps accessed, and browser behavior—to determine whether there is a change in usage patterns indicative of someone else using the phone or a malicious app."

Will the Apple Tablet be the ultimate portable netbook ever?
"Rumors about Apple Tablet device are everywhere last few days. Some say it will be released late this year, some say early 2010. But no one really knows other than few people at Apple.

But all in all Apple Tablet promises to be the ultimate device to consume the digital content on the go through a web-centric operating system. It is set to feature a 9.7-inch touchscreen, will include a camera and a microphone like the iSight on MacBook and MacBook Pro, and will have the anytime and anywhere Internet connection."

Javelin: U.S. Consumers’ Interest in Using Mobile Person-to-Person Payments Grows Rapidly, Threatening Slow-Moving Banks
"Javelin Strategy & Research today released a report that indicates financial institutions must act now to implement person-to-person mobile solutions before carriers capture the market. The report, Mobile Person-to-Person Payments: Mounting Telco Activity in a Mobile Channel Segment That Financial Institutions Can’t Afford to Lose, also reveals that conditions are growing ripe for potential widespread consumer use of mobile devices to send payments between one another: smartphones are now used by 17 percent of consumers, mobile banking is used by many, and use of the internet for banking and shopping has been common for years. These are just some of the conditions that have created an increased likelihood that consumers will soon begin to use mobile person-to-person (P2P) transfers."

Chinese Firm Writes First SMS Worm
"It’s a pretty cool concept, abusing the Symbian Express Signing procedure. It reminds me of the heydays of self-propagating e-mail worms when corporate e-mail servers were getting flooded because everyone in the company was sending the same attachment to everyone else in their address book."

Islamic Finance and Mobile Banking: Could, Would, Should
"Islamic Banking has developed rapidly over the last 30 years. Islamic Banks have proliferated in number and in geographic reach, with services now offered regularly on four continents. A number of innovative, successful financial products have also been developed, enabling Shariah compliant bonds, mortgages and savings accounts."

Traditional Texts Hang Tough in a Sea of Innovation
"Even in mobile banking, traditions die hard. While smart phones get exponentially smarter and app stores burst at the seams like FAO Schwartz in December, banks and consumers are not only still using basic text messaging-the mode is maturing to mainstream status."

ClairMail Sees Record 700% Year-Year Increase
"ClairMail, Inc., the leader in proactive mobile banking and payment solutions, today announced that its core product, the ClairMail Solution, has experienced over a 700 percent year-over-year increase in monthly mobile banking transactions. ClairMail's success continues to outpace the mobile banking industry, which experienced a six-fold usage increase in 2008, according to recent published reports."

Wells Fargo Introduces Online Same Day Payments
"Wells Fargo & Company (NYSE:WFC - News) today announced the nationwide availability of its newest online bill pay feature, which allows customers to make “just in time” online bill payments to merchants, such as utility, auto finance and mortgage companies. The service helps customers avoid missing payments or making late payments. According to Javelin Strategy & Research, nearly three out of four consumers initiated expedited payments last year and use is expected to continue to rise in the next five years."

One in 63 Smartphones Infected by Mobile Spyware and Malware
"The study of 1,958 smartphones revealed infections by Spyware, Viruses Worms and Trojans, as well as hundreds of unlicensed software programs installed on the handsets reviewed. A comparison of these statistics to the worldwide smartphone population places the number of infected devices globally into the millions. Because the vast majority of these infections are designed to be stealthy and the fact that few smartphones posses Anti-Malware applications, most infected users are completely unaware their devices have been compromised."

Citibank Launches Citi Mobile(R) For Smartphones
"Checking your account balance or paying a bill used to involve a trip to the bank, and in recent years, logging on to your home PC. Today, Citibank is making banking easier than ever for its U.S. customers by expanding its mobile offering to smartphones, including most BlackBerry(R) smartphones, Palm(R) devices and iPhone(TM)( )mobile devices. Now, more Citibank customers can access and manage their bank accounts -- anytime and anywhere -- via their smartphone's mobile browser."