Layered Security for Mobile Banking


American Banker published a great article last week covering some of JPMorgan’s security strategies for mobile banking. Lloyd O’Conner explained the importance of layering multiple security technologies to protect their clients, as well as their own company, from the growing cyberthreats that not only target the online channel but are zeroing in on the mobile channel as well.

O’Conner discusses some critical layers, including:

  1. Authenticating to the device: advanced measures (including biometrics) beyond simple PIN protection
  2. Authenticating the mobile device to the banking application: leveraging device certificates and device registration
  3. Authenticating the user to the application and encrypting the communication channel.

While I agree 100 percent with JPMorgan — after all, they are demonstrating clear innovation and leadership in mobile banking here — I think there is another layer that needs to be called out as well.

While varied identity authentication layers are critical, some forms of advanced fraud attacks (e.g., man-in-the-browser, or MITB) have proven to defeat a broad range of authentication approaches. Adding real-time fraud detection to flush out behavior anomalies is a critical layer to help detect MITB and, fortunately, is totally transparent to the mobile user.

By deploying a layered security framework, financial institutions (FIs) can help defeat advanced MITB malware attacks. This approach not only provides world-class fraud prevention, but also helps enhance the end-user experience.


Entrust provides identity-based security solutions that empower enterprises, consumers, citizens and websites in more than 5,000 organizations spanning 85 countries. Entrust's identity-based approach offers the right balance between affordability, expertise and service. With more than 125 patents granted and pending, these world-class solutions include strong authentication, physical and logical access, credentialing, mobile security, fraud detection, digital certificates, SSL and PKI.

