As mobile computing continues to increase among both corporations and consumers, organizations are urged to deploy mobile applications quickly, in order to remain competitive. Unfortunately, the security of these applications is not always scrutinized, resulting in insecure applications in the hands of consumers. This has created a large attack surface for criminals to exploit, especially when those apps handle sensitive financial information.
This three-day seminar is designed to provide the knowledge and experience you need in order to enable an organization to securely develop, deploy, and monitor mobile banking applications and mobile payment systems. Attendees will gain specialized knowledge of mobile technology security. We will cover mobile computing fundamentals, assessing mobile banking risks, developing secure mobile banking applications, meeting compliance requirements, and business continuity and security incident response concerns.
This course is only available on-site at your location.
- Day 1 - Mobile Banking Fundamentals, Mobile computing basics, Mobile application development basics, Mobile banking vs. mobile payments, Authentication and authorization, Assessing and managing risk
- Day 2 - Mobile Banking Application Management and Auditing, Identifying compliance requirements (including FFIEC Authentication Supplement), Documenting the dataflow, Security and monitoring considerations for systems and applications, Major players in the mobile payment space, Auditing your mobile banking application and infrastructure, Aligning your controls with a security framework, How to determine what you will audit, Developing an internal auditing program, Auditing third parties, Tools to support the mobile device audit process
- Day 3 - Attack and Defense- Attacking and defending mobile banking and payment systems and applications - Security incident response planning, Business continuity planning, Trends in mobile computing usage and security