At Silanis and HP Exstream’s recent roundtable Enhancing Mobility Capabilities to Improve the Banking Customer Experience, the discussion centered on a topic that CIOs and IT managers often come up against – risk. Specifically, questions were raised around the potential risk of having a company-issued or company-connected mobile phone or tablet lost, stolen or hacked. Attendees wanted to know how an e-signature platform would secure data from e-signed transactions on a mobile device and how any risk could be mitigated.
Before I cover the technical aspects of risk management, let me paint you a picture of the types of scenarios in banking that would apply techniques for mobile device risk management. For example, bank personnel like wealth management advisors are increasingly closing business on mobile devices like tablets, as are bank personnel with in-branch transactions. Should the devices in either of these scenarios be lost or stolen, the potential for data or identity theft, fraud or worse is very real yet also easily mitigated.
Part of the solution lies in the hardware; mobile devices are built nowadays with the ability for an organization’s IT department to remotely wipe any device in the event of its loss, presuming the device has been configured in advance to do so. Even if the device is powered off or the battery has died, remotely wiping the device ensures that should the device be turned on again, all data will automatically be erased.
The rest of the solution lies in the software, like the e-signature solution being used to complete mobile business transactions banks execute including the purchase of wealth management products, the closing of a mortgage or every day banking transactions. Here’s how an e-signature solution can keep transactional data safe:
- Encrypt any information that sits on the device
- Encrypt the communications between the device and the server
- Configure an e-sign app to automatically wipe the device after each completed transaction
If the device has been set up for secure, encrypted communication and remote wiping, then losing it is akin to losing a credit card: call your IT department, let them know the device has been lost and all data can immediately be wiped, protecting the consumer, the organization and the data.
If I’ve piqued your interest and you’d like to learn more, have a read of this white paper on electronic signature security.