Fraudulent mobile applications will threaten mobile banking security
上一篇 /
下一篇 2010-04-30 12:41:16 / 天气: 晴朗
/ 心情: 高兴
Fraudulent mobile applications will threaten mobile banking securityFraudulent mobile applications will threaten mobile banking securityIt's#x a dangerous new take on phishing: Instead of beingConcrete Mixing Stationdirected to a fraudulent URL, the device owner will have voluntarily downloaded a malicious application from a reputable app store run by Google, Apple Inc.,Compact fluorescent lamp, Research in Motion Limited, Palm Inc. and others. From there, the application can overtly collect personal and financial information entered by the mobile subscriber, or covertly collect names, addresses, and any other sensitive data that resides on the mobile device. While app stores are working hard to perform. the necessary due diligence on applications, demand for offering the broadest range of applications to the widest audience of users may cause rogue programs to go unchecked. The problem threatens mobile banking security and is likely to get worse before it gets better for a number of reasons.First, financial institutions are keen to enhance mobile banking services beyond balance checking and bill pay. As mobile banking transitions from an informational service to a transactional service, banks will introduce applications that facilitate payment to third parties. Until now, the worst a fraudster could do with mobile banking services was capture a user's bank balance and the previous five transactions. As banks bring moreConcrete Mixing Stationtransactional services to market, rogue applications that mimic these functions could provide fraudsters with the ability to extract funds from accounts.Second, fraudsters are acutely aware of mobile channel capabilities. Sensitive data capture via a rogue application could go unnoticed for weeks or months. And given the decentralized nature of attacks (voluntary downloads to tens of thousands of devices), getting each end user to uninstall malware could prove difficult even after fraudulent applications have been removed from app stores.Finally, end users are simply not prepared for mobile application fraud. Criminals will exploit the naivety of mobile subscribers who have no reason to be suspicious of apparently legitimate applications that have gone through stringent checks. Further compounding this will be the high degree of differentiation between devices; while banks could educate customers about nuanced differences between an online banking session with their actual institution and one with a phishing fraudster (typos, SSL session indicators, etc.), mobile devices present so many permutations in terms of operating systems, visual displays and icons that education of end users#x for each and every device on theConcrete Mixing Stationmarket would be an unmanageable undertaking.相关的主题文章:
导入论坛
引用链接
收藏
分享给好友
推荐到圈子
管理
举报
TAG:
compact
fluore