A Proposal to Improve the Security of Mobile Banking Applications

Mobile banking (m-banking) is considered to be one of the most important mobile commerce applications currently available. The ubiquitous access to data with no place restrictions helps to promote this technology. The security and privacy of sensitive financial data is one of the main concerns in acceptance of these systems in Australia. It is specifically important to secure the transmission of the financial data between the financial institutions' server and the mobile device used by consumers, as their communications are via unsecured networks such as the Internet. In this paper, a trust negotiation approach is proposed to address these security concerns. Trust negotiation is combined with the Transport Layer Security (TLS) as the underlying protocol. This combination of technology aims to maximize the existing security of m-banking applications. It results in significant improvements in security compared to the traditional identity-based only access control techniques. The proposed approach is implemented as a mobile application. It demonstrates that the developed application is easy to use and deploy in typical mobile environments.