Image for post
Image for post

MONETA Money Bank Will Fortify Its Mobile Banking Runtime With App Shielding

Petr Dvořák
Dec 6, 2018 · 2 min read

There are only a couple of banks in the world that take their mobile banking app security as seriously as MONETA Money Bank does. The bank works on the app security continuously and just recently, they decided to make another essential improvement in this area by hardening their mobile banking app with the App Shielding technology.

As a result, the Smart Banka app by MONETA Money Bank will be the first bank in the Czech Republic that actively fights against the whole range of sophisticated attacks, such as:

Why Does App Shielding Matter?

We believe that App Shielding is a critical requirement for PSD2 compliance. Now, most people view the new PSD2 legislation as an “open banking legislation.” However, PSD2 — or more specifically, the RTS — defines the whole range of requirements on digital banking security. According to our opinion, it strongly implies that App Shielding is a necessary component of any mobile banking app. Now, why is that?

Let’s quote the final version of the RTS:

Chapter II
Article 9

2. Payment service providers shall adopt security measures, where any of the elements of strong customer authentication or the authentication code itself is used through a multi-purpose device, such as mobile phone or tablet, to mitigate the risk which would result from that multi-purpose device being compromised.

3. For the purposes of paragraph 2, the mitigating measures shall include each of the following:

- (a) the use of separated secure execution environments through the software
installed inside the multi-purpose device;

- (b) mechanisms to ensure that the software or device has not been altered by the payer or by a third party;

- (c) where alterations have taken place, mechanisms to mitigate the consequences thereof.

This excerpt implies that banks are responsible for implementing security measures to make sure that the mobile device was not altered, the app was not modified at rest or in runtime, and that the application cannot be tampered with by the payer or any other third party (for a malicious reason or not). The App Shielding is a natural and the most straight-forward way to cover this requirement.

We are happy to see that MONETA Money Bank does continuous steps to stay compliant and — mainly — ahead of their cyber adversaries. And we are even happier that they decided to work on these topics with Wultra.

Wultra Blog

Blog posts by Wultra company

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch

Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore

Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store