There’s An App For That, But Is It Safe?

September 18, 2012 at 7:30 am 1 comment

A talented hacker can break into your smart phone and gain control of it without it ever leaving your pocket. So, as your members demand mobile payment options, the credit union industry has a stake in insuring that these systems are designed as safely as possible.

It’s a good thing that the PCI Standards Council recently released guidance intended to assist developers of mobile payment apps by outlining data and software protections of which a developer and vendor should be mindful.  Although financial institutions are not the target audience of the guidance “in the end this is going to help the bank user and any organization willing to accept and process mobile payments securely,” explained Bob Russo, General Manager of the PCI Security Council in a follow-up interview available on the BankInfo Security Blog.

The recommendations include best practices for designing mobile payment software mindful of the need to:

  • Prevent account data from being intercepted when entered into a mobile device;
  •  Prevent account data from interception upon transmission out of the mobile device; and
  • Prevent account data from being compromised while being processed or stored within the mobile device.

Another part of the guidance deals more generally with the mobile software environment and precautions that can be taken to protect it from being compromised.

This is the type of document I would tuck away in my due diligence file.  You might already be being approached by software developers pitching mobile payment platforms and it will be useful to see how their software measures up against these suggested practices.

OCC Releases Guidance On Investor Owned Rental Property

Yesterday afternoon, the OCC released guidance on the proper management of investor owned rental property where the rental income is collateral for the mortgage loan.  For those relatively small number of credit unions holding such loans, keep in mind that, for credit union purposes, they are considered member business loans.






Entry filed under: Compliance, General, Regulatory. Tags: , , , .

Three Reasons Why With Friends Like the CFPB, We Don’t Need Enemies. Is NCUA A Cutting-Edge Regulator?

1 Comment Add your own

  • 1.  |  May 22, 2013 at 11:04 am

    * Snoring aid pillow-It’s a pillow specially created to assist reduce snoring. It’s cheap as in comparison to other snoring aids.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Trackback this post  |  Subscribe to the comments via RSS Feed

Authored By:

Henry Meier, Esq., General Counsel, New York Credit Union Association.

The views Henry expresses are Henry’s alone and do not necessarily reflect the views of the Association.

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 474 other followers