In the last article, I covered Mobile Payments. This article focuses on a specific area of mobile payments: security in mobile banking. Security is a crucial parameter in every mobile banking transaction. Let’s look at some parameters that play an important role in secure mobile banking:
- Authorization: Authenticated users should only be able to access the business functionality they are allowed to use. Once a user is authenticated, the app should check with the cloud (back-end) to determine whether the user has the required access to the data
- Data Confidentiality: Sensitive data should be kept in RAM (memory) rather than on disk; the application must not store any sensitive data on the file system. Sensitive information should not leak through logs or error messages. The cache manager should clear its data when the application goes into the background
- Authentication: A strong authentication mechanism is needed; multi-step authentication is recommended. An additional recommendation is to check the user's location using GPS during authentication
- Secure Operating Systems: The application must detect whether it is running on a jailbroken, rooted or malware-infected device. If the system is found to be compromised, the app should close itself
- Encrypted Connections: All connections initiated by the app should be encrypted. HTTPS should be used to connect to the cloud. A whitelist of IP addresses and domain names should be maintained on the device side so that the app cannot talk to domains that are not on the whitelist
- Prevent Local Data Transfer: A banking application should prevent its data from being transferred locally to other installed apps (e.g. by copying it or sending it to an unauthorized external application). This is done by disabling long press on sensitive UI fields and by removing data from the clipboard when the app goes into the background, which restricts data sharing
- Secure cleanup after log-off: Secure objects used by the app (for example account data, user information, and any network requests already made but still waiting for a response) should be securely wiped when a log-off is triggered. The application should be forced to quit if application tampering is detected
- Preprocessing: All plain-text resources in the app bundle should be eliminated, to prevent attackers from gathering information about app internals. The symbol table should be stripped, leaving only unresolved symbols and forcing an attacker to trawl the runtime code, decrypt the binary or use more complex debugger tactics to obtain a map of the application's symbols for class names, methods and function names
- Tamper Detection: The application should check whether it is being traced by someone else. For example, debug flags can be checked to determine whether the application is being debugged. An app must prevent debuggers from attaching to it (e.g. to read sensitive data from the memory of the running application). On Android this is done by setting the debuggable property to false in the manifest file
- Root Certificate Check: For secure communication with the cloud, the SSL certificate should be bundled with the app. This bundled certificate is used to check that the server's certificate is signed by the expected authority. If it is not, the app should be closed
- Blacklisting older app versions: It should be possible to block specific older versions of the app on the back-end server if there is a security breach. If an app version is blacklisted, the user receives an error message and is asked to upgrade the app. This ultimately benefits users by keeping their transactions secure
- Security Logging: All security events occurring inside the application should be logged locally and then sent to the cloud (back-end server) periodically for later analysis. During log-off, the device data is sent to the server so that no confidential data remains on the device
- Encrypted Assets: All important data files, such as property files and configuration files, should be hidden and encrypted
- Anti-pharming Protection: The app should always check that the hostname resolved via DNS maps to a whitelisted IP address. This ensures the app is not redirected to a malicious server in between
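As an added example (not code from the original post), the following Android helper class sketches several of the points above in one place: the debug-flag check from Tamper Detection, an HTTPS client for Encrypted Connections and Root Certificate Check, and the long-press and clipboard controls from Prevent Local Data Transfer. It assumes the OkHttp library and uses placeholder values for the API host and pin; note that it pins the server's public-key hash with OkHttp's CertificatePinner rather than bundling a full certificate, which is a related but different technique from the one described above.

```java
import android.app.Activity;
import android.content.ClipData;
import android.content.ClipboardManager;
import android.content.Context;
import android.content.pm.ApplicationInfo;
import android.os.Debug;
import android.widget.EditText;
import okhttp3.CertificatePinner;
import okhttp3.OkHttpClient;

public final class BankingSecurity {
    // Placeholders (assumed values): replace with the bank's real API host
    // and the base64 SHA-256 hash of that server's Subject Public Key Info.
    private static final String API_HOST = "api.example-bank.invalid";
    private static final String SPKI_PIN = "sha256/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=";

    // Tamper Detection: true if the build is debuggable or a debugger is attached.
    public static boolean isBeingDebugged(Context ctx) {
        boolean debuggableBuild =
                (ctx.getApplicationInfo().flags & ApplicationInfo.FLAG_DEBUGGABLE) != 0;
        return debuggableBuild || Debug.isDebuggerConnected();
    }

    // Secure OS / tamper handling: quit the app if a debugger is detected.
    public static void enforceOrQuit(Activity activity) {
        if (isBeingDebugged(activity)) {
            activity.finishAffinity();
        }
    }

    // Encrypted Connections: HTTPS client whose TLS handshake fails unless the
    // server presents a certificate chain containing the pinned public key.
    public static OkHttpClient pinnedClient() {
        CertificatePinner pinner = new CertificatePinner.Builder()
                .add(API_HOST, SPKI_PIN)
                .build();
        return new OkHttpClient.Builder().certificatePinner(pinner).build();
    }

    // Prevent Local Data Transfer: no long press / text selection on sensitive fields.
    public static void hardenField(EditText field) {
        field.setLongClickable(false);
        field.setTextIsSelectable(false);
    }

    // Prevent Local Data Transfer: overwrite the clipboard when the app goes to
    // the background (call from the Activity's onPause).
    public static void clearClipboard(Context ctx) {
        ClipboardManager cm = (ClipboardManager) ctx.getSystemService(Context.CLIPBOARD_SERVICE);
        if (cm != null) cm.setPrimaryClip(ClipData.newPlainText("", ""));
    }
}
```

Requests made through pinnedClient() to API_HOST must use https:// URLs; OkHttp applies the pin only to TLS connections.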
This was just an overview of security in mobile banking. If there are any other important points I missed, please list them in the comments.