Mobile banking more secure than PC: CBA

Summary:The Commonwealth Bank has spoken up in defence of mobile banking security, with its head of its service development and deployment business saying that in some circumstances mobile banking is more secure than banking on a desktop or laptop.

The Commonwealth Bank has spoken up in defence of mobile banking security, with its head of its service development and deployment business saying that in some circumstances mobile banking is more secure than banking on a desktop or laptop.

"Mobile itself doesn't create a security concern, you have to build paradigms that are secure for the volume of the transaction that you're doing. In certain cases, mobile can be more secure," Tim Whiteley, executive general manager of service development for the Commonwealth Bank, told ZDNet Australia.

"If you think about [banking] on the net, you know your log-in, you know your password and then we give you a one-time token password for a transaction. You can use the mobile to create at least as secure a paradigm as that because we know [the transaction] comes from a SIM [card] on a phone that is registered to you. That's nicer than not knowing what PC you have so it gives us another way of recognising you. Makes it stronger," Whiteley added.

Whiteley said that smartphones have the ability to see, hear and know where they are, making them excellent tools for recognising users.

IBM said recently that new features including the use of near field communication chips for contactless payments and the growing trend of jailbreaking devices would lead to more hackers targeting mobile devices.

Near field communication facilitates the transmission of data over a range of approximately 10cm. A chip in a mobile phone interacts with a proximity card reader to enable mobile payments.

Whitely said, however, that directing customers to a mobile version of its internet banking platform via a web browser, rather than transacting through pre-installed software is designed to keep user data safe from hackers.

"At the moment, we manage our security mostly via the existing website paradigm. We don't install significant amounts of software on people's phones so we haven't increased our security risk from that," he said.

"If you install things on a phone then potentially there's a way to hack them, but that's not where we're currently running."

Commonwealth Bank has been big on security this week, offering its customers a free six-month trial of McAfee antivirus. The company did a similar deal with CA two years ago.

Testers wanted

Whiteley's mobile security wrap comes as the bank looks to invite its customers to test its new online banking products before they go to market.

"Recently we launched My NetBank Lab, which lets us release experiments to customers; so we can do small groups of customers [to] anyone who wants to sign up," Whiteley said.

"Our aim is to continually enhance the customer experience, so one of the ways to do that is to get customers to help us get things that are going to make it better for them," Whiteley added.

The bank quietly slipped the live testing program out to select customers several months ago, and intends to ramp up efforts around testing as time goes on.

The Commonwealth Bank is currently running three live product tests for select users, including home-page customisation, a graphic representation of balance positions instead of just a straight transaction history and a savings goal tracker, similar to that available to branch staff.

"[My NetBank Lab] lets customers try it out, give us feedback on whether to fully produce it and roll it out for all customers, or whether it's not that popular or if we need to change it based on feedback," he said.

Whiteley added that the Commonwealth Bank is keen on involving loyal customers who demonstrate a propensity to adopt new features and technology early.

While the bank is keen to bring new features to its users, Whiteley said he doesn't want it to look like the Commonwealth Bank is experimenting with customer's money.

"We'd be very careful not to do that," Whitely said, adding that features deployed need to directly benefit the customer.

Topics: Mobility, Apple, Google, iPhone, Security, Developer


A fresh recruit onto the tech journalism battlefield, Luke Hopewell is eager to see some action. After a tour of duty in the belly of the Telstra beast, he is keen to report big stories on the enterprise beat. Drawing on past experience in radio, print and magazine, he plans to ask all the tough questions you want answered.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.