Can mobile improve data security in financial services?
June 11, 2014

The mobile revolution has had a dramatic impact on the average bank or financial provider, especially considering the rapid increase of consumer demand for services that are accessible through smartphones, tablets and portable computers. There is no denying that the personal computer is beginning to go the way of the dinosaur, as tablet and smartphone shipment volumes have significantly outpaced the sale of less flexible devices, and companies have had to adjust their strategies appropriately to ride this wave. 

Security is likely the single highest priority among executives in the banking sector who are beginning to deploy mobile-related strategies, such as BYOD, application delivery and online account management, and this is certainly a good sign. However, recent breaches have highlighted just how difficult of a time banks and other organizations are having when trying to develop and maintain effective data and network protection strategies in the modern threat-filled landscape. 

One of the fundamental issues that remains in the mainstream is the use of antiquated and ineffective access management controls such as traditional passwords and credentials. These codes are generally difficult to remember, few individuals actually use them properly and, at the end of the day, are not all that strong in the defense arena, which is why many banks are beginning to switch over to more advanced approaches to security such as authentication. 

Seeing the forest for the trees
BankInfoSecurity recently sat down with Jim Van Dyke, a research expert at Javelin Strategy and Research, regarding trends that are beginning to take hold in the financial services sector amid mobile deployments. Surprisingly, the analyst asserted that whereas many bank executives will believe that mobile will inherently increase risk and perplex the standing threat mitigation frameworks in place, he argued that these new platforms can actually be used to the advantage of data protection. 

According to the news provider, Van Dyke works under the belief that decision-makers who think outside the box and try to leverage mobile tools for fraud prevention purposes will be turning the threat around on itself, turning it into an autonomous defense mechanism of sorts. After telling the source that the United States is a bit behind the curve in terms of security technology deployments on both cards and digital accounts, he went on to present his explanation of today's status quo.

"I think the reason mobile security is so perplexing to many financial institutions, as well as leading merchants, networks, government entities and some of the technology providers out there, is that they're working within their own silos," Van Dyke told BankInfoSecurity. "So they are like kids on the playground, but these kids are experts in fraud or marketing or security, separate from fraud, and they're not working with their counterparts in other specialties. We see it happen all the time."

Finally, the source pointed out that Van Dyke is a firm believer that these new types of movements cannot necessarily be avoided, and that executives should become a bit more comprehensive in their decision-making.

Bolstering efficient protections
Although it is not necessarily possible to achieve 100 percent resilience to data breaches, banks can often come close when they are using the right combination of policies, strategies and solutions to patch vulnerabilities before they become problems. In the mobile and online banking arena, the basic tenets of a successful initiative will involve a highly level of user-friendliness and engagement, while also balancing exceptional protection of privacy and sensitive information. 

Authentication tools that anchor to a user's smartphone or tablet can optimize the user experience while simultaneously minimizing the potential for breaches through online platforms.