Enhancing Security of Mobile Banking and Payments

Electronic Commerce has increased the use of devices such as computers, phones and tablets in carrying out financial transactions. Mobile Banking has advanced e-commerce but has experienced challenges. This book demonstrates vulnerabilities of M-banking in Kenya, to cyber threats like phishing, ransomware and database attacks, which have led to a rise in banking fraud. Penetration testing is done on six M-banking applications used by Tier 1 banks in Kenya. From the penetration testing, it is evident that most M-banking applications are not secure, whereby they do not adhere to the Open Web Application Security Project (OWASP), 2013 guidelines.This book provides solutions to cyber threats by Enhancing Security of Mobile Banking and Payments by demonstrating how security in both the application and network layers can be achieved. This is done by developing a secure M-banking application. These solutions involve the use of encryption, encapsulation and hashing techniques. The OWASP standards provide guidelines in the development of a secure M-banking application. To provide security in M-banking, issues to do with Confidentiality, Integrity and Authenticity need to be addressed.