Cyber Security Challenges to Mobile Banking in SACCOs in Kenya
Development of mobile technology has enabled mobile devices to be adopted in daily activities. Financial institutions are adopting mobile devices for banking purposes to enable their clients to bank from anywhere at any time. Although, the adoption of mobile technology enabled convenience to the users, it has brought about a great security challenge. This paper reviews the cyber security challenges to mobile banking and ways which SACCOs minimize the impact. Findings indicate that some mitigation strategies to cyber threats to mobile banking are in place though they seem not to address the major challenges.
Watson, R., Leyland, P.P., & George, Z. U-Commerce: Expanding the universe of marketing. Journal of the Academy of Marketing Science, 30(4), 333-347, (2002).
2015 industry drill-down report. Financial services, (2015).
Chitrey A., Singh D., Bag M. and Singh V. A Comprehensive Study of Social Engineering Based Attacks in India to Develop a Conceptual Model. International Journal of Information & Network Security (IJINS), 1(2), (2012).
Omondi, D. How fraudsters are sneaking into your mobile phone to steal private information. The Standard Newspaper, (2016 February 8th).
ISACA, (2012). ISACA ® Glossary of Terms. Available at: https://www.isaca.org/glossary.
Paans, R. Part 6D Introduction Code of Practise for Information Security Code ISO 27002:2005. Post Graduate IT Audit opleiding Vrije Universiteit. (2010).
Nambiro, A. W., Muchiri, G. M. and Matoke, N. Survey of Cyber Security Frameworks. International Journal of Technology in Computer Science & Engineering, 1(2), 33-39 ISSN 2349-1582, (2014). Available online at http://www.ijtcse.com
SACCO Briefs. Managers and Board Members: Implications of the SACCO Societies Act and Regulations, (2011).
Harris, A., Goodman, S. and Traynor P. Privacy and Security Concerns Associated with Mobile Money Applications in Africa. Washington Journal of Law, Technology & Arts, 8 (3), (2013).
Mumanyi, E. A. L. Challenges and opportunities facing SACCOs in the current devolved system of government of Kenya: A case study of Mombasa County. International Journal of Social Sciences and Entrepreneurship, 1 (9), 288-314, (2014).
Janczewsk L. J. and Fu L. Social Engineering-Based Attacks: Model and New Zealand Perspective. Proceedings of the International Multiconference on Computer Science and Information Technology pp. 847–853, (2010).
Blackburn, J.and Waters, G. Optimizing Australia's Response to the Cyber Challenge. Kokoda Foundation. (2011).
Fried, I., (2012). At Defcon, Hackers Show How to Hack Your Android Phone Encryption, ALL THINGS D, http://allthingsd.com/ 20120728/at-defcon-hackers-show-how-to-bypass-android-encryption/.
Hasan M., Prajapati N. and Vohara S. Case study on social engineering techniques for persuasion. International journal on applications of graph theory in wireless ad hoc networks and sensor networks, 2 (2), (2010)
Purkait S. Phishing counter measures and their effectiveness – literature review. Journal of Information Management & Computer Security, 20 (5), (2012)
Greitzer F. L., Strozer J. R., Cohen S., Moore A. P., Mundie D. and Cowley J., (2014). Analysis of Unintentional Insider Threats Deriving from Social Engineering Exploits. 2014 IEEE Security and Privacy Workshops.
Nelson R. (2008). Methods of Hacking: Social Engineering. online. Available at: http://www.isr.umd.edu/gemstone/infosec/ver2/ papers/socialeng.html, last accessed on 2013-07-04.
Thorawade M.B. and Patil S.M. Authentication Scheme Resistant to Shoulder Surfing Attack Using Image Retrieval. International Journal of Knowledge Engineering, 3 (2), (2012).
Adams A. and Sasse M.A. Communications of the ACM, 42, 41-46, (1999)
Granger, S. Social Engineering Fundamentals, Part I: Hacker Tactics. SecurityFocus, (2001).
Schmidt, A.D. Detection of Smartphone Malware. Technischen Universitat Berlin, (2011).
Jassal R., K. and Sehgal R., K. Study of Online Banking Security Mechanism in India: Take ICICI Bank as an Example. IOSR Journal of Computer Engineering, 13 (1) pp 114-121, (2013).
Mannan M. and van Oorschot P.C. Security and Usability: The Gap in Real-World Online Banking. New Security Paradigms Workshop, (2007).
Authors who submit papers with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
- By submitting the processing fee, it is understood that the author has agreed to our terms and conditions which may change from time to time without any notice.
- It should be clear for authors that the Editor In Chief is responsible for the final decision about the submitted papers; have the right to accept\reject any paper. The Editor In Chief will choose any option from the following to review the submitted papers:A. send the paper to two reviewers, if the results were negative by one reviewer and positive by the other one; then the editor may send the paper for third reviewer or he take immediately the final decision by accepting\rejecting the paper. The Editor In Chief will ask the selected reviewers to present the results within 7 working days, if they were unable to complete the review within the agreed period then the editor have the right to resend the papers for new reviewers using the same procedure. If the Editor In Chief was not able to find suitable reviewers for certain papers then he have the right to reject the paper.
- Author will take the responsibility what so ever if any copyright infringement or any other violation of any law is done by publishing the research work by the author
- Before publishing, author must check whether this journal is accepted by his employer, or any authority he intends to submit his research work. we will not be responsible in this matter.
- If at any time, due to any legal reason, if the journal stops accepting manuscripts or could not publish already accepted manuscripts, we will have the right to cancel all or any one of the manuscripts without any compensation or returning back any kind of processing cost.
- The cost covered in the publication fees is only for online publication of a single manuscript.