Security of financial transactions, being executed from some remote location and transmission of financial information over the air, are the most complicated challenges that need to be addressed jointly by mobile application developers, wireless network service providers and the banks' IT departments.
The following aspects need to be addressed to offer a secure infrastructure for financial transaction over wireless network :
- Physical part of the hand-held device. If the bank is offering smart-card based security, the physical security of the device is more important.
- Security of any thick-client application running on the device. In case the device is stolen, the hacker should require at least an ID/Password to access the application.
- Authentication of the device with service provider before initiating a transaction. This would ensure that unauthorized devices are not connected to perform financial transactions.
- User ID / Password authentication of bank’s customer.
- Encryption of the data being transmitted over the air.
- Encryption of the data that will be stored in device for later / off-line analysis by the customer.
No comments:
Post a Comment