Cyber-secure Mobile Financial Transactions over GSM/LTE Networks
Cyber-secure Mobile Financial Transactions means any breach of customer confidence, can have a particularly devastating impact on the uptake and use of mobile banking & payments
In today’s competitive market, any dent to your consumer confidence in your Mobile product/channel, can have a potentially devastating impact, in uptake, and even impact your brand. A recent US survey, by The Financial Brand found 73% of people never used Mobile Banking because they were “concerned about security”.
Your customers perception that their mobile financial transactions may be at risk, or vulnerable, can make all the difference between a successful product or channel – and a failure, which is why Cyber-secure Mobile Financial Transactions are an important part of an overall, secure cyber-secure response.
Modern Financial Banking & Payment network cyber-security architectures largely rely on the assumption that each node of the network is secured and encrypted from end-to-end. But what happens when this is not the case? From the moment a customer opens their Smartphone each message is highly vulnerable to interception, attack and fraud.
How is this possible?
WHY THIS COURSE?
The traditional cyber-security model is only useful if both endpoints are un-compromised, as in the case of an ATM or POS terminal, over which the bank (or its partners) have full control – Tjaart van der Walt, CEO, Course Director
The reason fraudsters are increasingly targeting mobile is because the traditional bank cyber-security model relies on end-to-end encryption, and controlling both the source and the destination points. This cyber-security model however does not account for the key risks inherent in routing data over GSM/LTE networks.
GSM/LTE architecture was designed for maximum interoperability, openness and ease-of-use. Deep systemic design issues inherent in GSM/LTE mobile and signalling networks means traffic and/or data is routinely exposed across many nodes in a typical Mobile network. While access to such mobile networks remains highly technical, and requires specialised skills and access, the stratospheric growth of mobile fraud is proof that this knowledge is no longer the domain of mobile networks and their employees and mobile cyber-security is a serious issue for banks and payment networks.
The Mobile Transactions & GSM/LTE cyber-security MasterClass, will teach you what Governments, hackers & fraudsters know – that the inner workings of the Mobile (GSM/LTE/SS7) networks contain exploits and vulnerabilities useful to bad actors and hackers alike – however there are strategies, steps & strategic options open to secure mobile financial transactions and retain customer trust…
WHAT YOU WILL LEARN
In this course you will learn why modern GSM/LTE networks are inherently insecure and the risk this presents to Banks and Financial institutions; Learn how hackers exploit common GSM/LTE vulnerabilities and customer behaviour; and how a number of Innovative banks now integrate core features of GSM/LTE networks into their mobile security framework, and how a number of banks and mobile network operators are turning to Mobile Signalling ‘Big Data’ to stop mobile fraud in its tracks.
- What makes Mobile Networks so different?
- How is it Mobile Financial Transactions are so vulnerable?
- What makes Mobile networks inherently vulnerable?
- Smartphones – Android, Apple & App Stores & cyber-security
- Handsets – cyber-security, App stores, Risk & control
- Is “Handset state” App cyber-security the answer?
- Why (and how) does 2FA (two-factor authentication) fail?
- How can you secure OTP (One time PIN’s)?
- strategies, techniques and options for secure data across mobile networks
- How is Apple Pay & ‘Tokenisation’? a target for fraud?
- Learn the hidden glue behind mobile – SS7 Signalling
- Discover why should banks care about GSM/LTE & SS7?
- Truth & Obfuscation – Why IMSI feeds are unlikely to help?
- Can banks & non-Telco’s beat Mobile Fraudsters at their game?
- Mobile Frauds – examples, and cases studies from around the world
The course is ideally suited for those currently in these roles or preparing for roles in cyber-security including;
- Risk & cyber-security Professionals & Project Managers
- Mobile & Network Designers, Developers & Architects
- Mobile Developers, Designers & Innovation Product Managers
- Digital & Mobile Heads & Leaders
- Information Systems Programmer/Senior/Lead/Manager
- Application Architect
- Applications Programmer/Senior/Lead/Manager
- Computer Operations Manager/Specialist
- Cyber Analyst/Specialist
- Data Architect/Analyst
- Data Modeller/Warehouse Manager/Specialist
- Information Security Administrator/Analyst/Director/Manager
- Information Systems Director/Generalist/Manager/Supervisor
- Network Administrator/Engineer/Network Manager
- Network Services Director
- Programmer/Analyst/Senior/Lead
- Project Manager/Senior/Lead
- Software Engineer/Analyst/Senior/Lead
- Systems & Programming Manage/Analyst/Senior/Leader
- Systems Analyst /Analyst/Senior/Lead/Manager
- Telecommunications Analyst/Manager/Supervisor/Technician
The State of Mobile Fraud
Session 1 (55 minutes)
- The State of cyber-security, Mobile banking & payment fraud in 2020
- Why ‘Mobile’ Devices represent a risk to banking & Payments (Apps, Devices & Networks)
- Why the current model of banking security is incompatible with mobile networks
Introduction to GSM/LTE Networks (Part I) – Design & Signalling architecture
Session 2 (55 minutes)
- Cyber-security, Mobile Networks & Mobile Banking
- How mobile GSM/LTE Networks work
- Why Mobile GSM/LTE Network design makes it so difficult to secure Mobile Financial Services
- Some common hacker exploits and how they work (eg Gemalto hack). Case studies and Examples
Introduction to GSM/LTE Networks (Part II) – The Mobile Handset
Session 3 (55 minutes)
- Apps & App Stores
- Common Mobile App vulnerabilities and exploits & mitigations
- Android & Apple vulnerabilities & mitigations
- Mobile app ‘State’ and its exploits & mitigations
Introduction to GSM/LTE Networks (Part III) – Authentication & 2FA
Session 4 (55 minutes)
- The benefits and drawbacks of OTP’s vs ‘App State’ monitoring
- Designing a foolproof 2FA messaging architecture
Securing transactions over GSM/LTE networks (Part I) – Extending network nodes
Session 5 (55 minutes)
- Extending & Integrating GSM/LTE nodes into Core Banking Architecture
- Case studies – How two banks in the Pacific integrated GSM/LTE nodes into their core Banking architecture
Securing transactions over GSM/LTE networks (Part II) – A ‘Big Data’ design
Session 6 (55 minutes)
- A model for using ‘Big Data’ for Mobile Financial Services Cyber-security,
- Thoughts on Privacy, Security and Customer Data
- Conclusion
On-line Quiz – 30 minutes
This cyber-security course is constantly updated to reflect the needs of evolving security threats to mobile banking. This Course is only available online, so kindly get in touch to find out how to register, cost and when the next available course is run. Fill in the form, and we will send you all the details including Course Director Biography, course dates, times and related information
COURSE FEATURES ✔ | |
---|---|
LIVE, EXPERT-LED COURSES | |
MANUAL & MATERIALS* | |
CLASSES RECORDED FOR ‘ON-DEMAND’ VIEWING* | |
REMINDERS & IN-CLASS HELP* | |
COURSE CERTIFICATE | |
♿ | FRIENDLY (PLEASE ADVISE ON BOOKING) |
YOU WILL NEED ✘ | |
INTERNET (2mb/s or faster recommended) | |
WEB BROWSER | |
MICROPHONE | |
HEADPHONES/SPEAKER | |
WEBCAM | |
NEXT CLASS STARTS | |
Check Agenda for latest courses | |
7:00am GMT/London | 9:00am CAIRO/CAT | 11:00 Dubai/UAE | |
Six (6) MODULES over Two (2) weeks | |
Three (3) X Weekly (Mon, Tues, Thurs) | |
Check Agenda for latest courses | |
Read our TERMS & CONDITIONS |

Mobile Fraud…
IS GROWING AT AN ALARMING RATE. iOS and Android originated frauds now account for over half of all online fraudulent activity*, meanwhile your customers perception of risk and security can make all the difference between mobile success…. or failure.
*Sift Research 3 March 2020
