Losing a credit card is scary, but losing a cell phone that stores your bank account information is even scarier. Once cell phones come <a href= http://www.informationweek.com/showArticle.jhtml?articleID=198800919 target=_blank>pre-loaded</a> with mobile banking apps, some of your personal information will be stored on them. Naturally that poses a huge security hazard.

Elena Malykhina, Technology Journalist

April 12, 2007

3 Min Read

Losing a credit card is scary, but losing a cell phone that stores your bank account information is even scarier. Once cell phones come pre-loaded with mobile banking apps, some of your personal information will be stored on them. Naturally that poses a huge security hazard.But before you rule out mobile banking completely from your list of innovative services to try out in the next few years, here's what the banks and their partners are doing to secure these services:

- Citibank: Transactions conducted using its Citi Mobile service are secured with 128-bit encryption, the same technology that's used at Citibank.com. The cell phone doesn't store any bank account information.

- Bank of America: Customers using its mobile banking service are protected by the bank's SiteKey security technology, where they would have to answer a series of questions to access their account. Information remains encrypted when it's sent between the phone and the bank.

- AT&T: Once the carrier rolls out mobile devices with a pre-loaded banking application, which will include access to banks like Wachovia, BancorpSouth, Regions Financial, and SunTrust Banks, it will have the ability to remotely wipe the device clean of personal data if it's lost or stolen.

Separately, MasterCard and Visa are testing cell phones with embedded Near Field Communication technology, which enables short-range wireless communications between devices for contactless payments. Using the technology, you can make purchases with a cell phone at concession stands, fast-food restaurants, and stores. But the same security rules apply here as they do in the credit card world. Visa, for example, will de-activate the wireless account if a phone is lost or stolen. Visa says it will also guarantee zero liability, which means you won't be liable if someone conducts fraudulent transactions using your stolen phone.

Earlier this week, digital security company Gemalto began providing a Belgian wireless carrier with technology that will let its subscribers perform secure payments using the Short Message Service (SMS). Here's how it works: A payer specifies the amount and the name of the payee on his or cell phone screen and accepts the transaction by entering a secret code he or she selected when the service was activated. Then, both the customer and the merchant receive an SMS confirming the transaction. It doesn't look like the service is yet available in the United States, but is a glimpse into what's to come in the near future.

In summary, the banks are viewing mobile banking as an extension of their online services, which means all the same security policies apply. The major difference here is that your home PC is not likely to go anywhere, but you can easily lose your cell phone, whether it's in a cab or at a restaurant. So a piece of advice for anyone thinking about using their cell phone as a payment device: Treat it with the same care as you do your credit card; don't leave it unattended!

About the Author(s)

Elena Malykhina

Technology Journalist

Elena Malykhina began her career at The Wall Street Journal, and her writing has appeared in various news media outlets, including Scientific American, Newsday, and the Associated Press. For several years, she was the online editor at Brandweek and later Adweek, where she followed the world of advertising. Having earned the nickname of "gadget girl," she is excited to be writing about technology again for InformationWeek, where she worked in the past as an associate editor covering the mobile and wireless space. She now writes about the federal government and NASA’s space missions on occasion.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights