When it comes to mobile banking via apps, it's pretty clear that security professionals need to embrace a whole new mindset. No longer can they be content to confine themselves to such well-known "technologies" such as Trojans, bots, phishing methods and the like. They need to understand that the emerging face of fraud will offer whole new challenges.

The issue is already cropping up, as we've noted before. Last year, Citibank's iPhone app was found to be storing customers' data on their phones. Google has pulled a number of anonymously written apps from the Android Marketplace that ended up being fakes that sought to exploit information on users' devices in order to commit banking and card fraud, according to Bank Systems & Technology. Here's how one expert put it: Apps "are not the same as your PC. If you're a programmer and you're writing for your Windows box, you have a general understanding of where your files go and where things fit in place. But on a mobile phone, there's not as much transparency there."

As of now, banks are being more cautious than many assume. Functionality has been limited to what is currently available on web sites, and it may be sometime before we see truly new features. All the angst over app security may be a tad overstated, some say. They argue that while mobile security is indeed a new frontier, mobile devices are generally as safe if not safer than computers that do not sit behind a formal firewall.

For more:
- here's the article

Related articles:
The future of online payments is mobile payments  
NFC bridge technologies may be doomed  
Banks and the looming security crisis