Cyber-Secure Mobile Financial
Transactions over GSM, / LTE Networks

21 – 24 June 2022 Sandton Centre, Johannesburg South Africa

05 – 09 September 2022 - Dubai -UAE

Register Now! Limited Seats Available!

Public R15, 999.00

Online R9, 999.00

Online R9, 999.00

Public R15, 999.00

Online R9, 999.00

$2500.00 USD - DUBAI

Course overview:

Cyber-secure Mobile Financial Transactions means any breach of customer confidence, can have a particularly devastating impact on the uptake and use of mobile banking & payments.

In today’s competitive market, any dent to your consumer confidence in your Mobile product/channel, can have a potentially devastating impact, in uptake, and even impact your brand. A recent US survey, by The Financial Brand found 73% of people never used Mobile Banking because they were “concerned about security”.

Your customers perception that their mobile financial transactions may be at risk, or vulnerable, can make all the difference between a successful product or channel – and a failure, which is why Cyber-secure Mobile Financial Transactions are an important part of an overall, secure cyber-secure response.

Modern Financial Banking & Payment network cyber-security architectures largely rely on the assumption that each node of the network is secured and encrypted from end-to-end. But what happens when this is not the case? From the moment a customer opens their Smartphone each message is highly vulnerable to interception, attack and fraud.

What You will Learn:

In this course you will learn why modern GSM/LTE networks are inherently insecure and the risk this presents to Banks and Financial institutions; Learn how hackers exploit common GSM/LTE vulnerabilities and customer behavior; and how a number of Innovative banks now integrate core features of GSM/LTE networks into their mobile security framework, and how a number of banks and mobile network operators are turning to Mobile Signaling ‘Big Data’ to stop mobile fraud in its tracks.

  • What makes Mobile Networks so different?
  • How is it Mobile Financial Transactions are so vulnerable?
  • What makes Mobile networks inherently vulnerable?
  • Smartphones – Android, Apple & App Stores & cyber-security
  • Handsets – cyber-security, App stores, Risk & control
  • Is “Handset state” App cyber-security the answer?
  • Why (and how) does 2FA (two-factor authentication) fail?
  • How can you secure OTP (One time PIN’s)?
  • strategies, techniques and options for secure data across mobile networks
  • How is Apple Pay & ‘Tokenization’? a target for fraud?
  • Learn the hidden glue behind mobile – SS7 Signaling
  • Discover why should banks care about GSM/LTE & SS7?
  • Truth & Obfuscation – Why IMSI feeds are unlikely to help?
  • Can banks & non-Telco’s beat Mobile Fraudsters at their game?
  • Mobile Frauds – examples, and cases studies from around the world

Who Should Attend:

The course is ideally suited for those currently in these roles or preparing for roles in cyber-security including;

  •  Risk & cyber-security Professionals & Project Managers
  •  Mobile & Network Designers, Developers & Architects
  •  Mobile Developers, Designers & Innovation Product Managers
  •  Digital & Mobile Heads & Leaders
  •  Information Systems Programmer/Senior/Lead/Manager
  •  Application Architect
  •  Applications Programmer/Senior/Lead/Manager
  •  Computer Operations Manager/Specialist
  •  Cyber Analyst/Specialist
  •  Data Architect/Analyst
  •  Data Modeler / Warehouse Manager/Specialist
  •  Information Security Administrator/Analyst/Director/Manager
  •  Information Systems Director/Generalist/Manager/Supervisor
  •  Network Administrator/Engineer/Network Manager
  •  Network Services Director
  •  Programmer/Analyst/Senior/Lead
  •  Project Manager/Senior/Lead
  •  Software Engineer/Analyst/Senior/Lead
  •  Systems & Programming Manage/Analyst/Senior/Leader
  •  Systems Analyst /Analyst/Senior/Lead/Manager
  •  Telecommunications Analyst/Manager/Supervisor/Technician

Course Outline:

The State of Mobile Fraud

  •  The State of cyber-security, Mobile banking & payment fraud in 2020
  •  Why ‘Mobile’ Devices represent a risk to banking & Payments (Apps, Devices & Networks)
  •  Why the current model of banking security is incompatible with mobile networks

Introduction to GSM/LTE Networks (Part I) – Design & Signaling architecture
Session 2 (55 minutes)

  •  Cyber-security, Mobile Networks & Mobile Banking
  •  How mobile GSM/LTE Networks work
  •  Why Mobile GSM/LTE Network design makes it so difficult to secure Mobile Financial Services
  •  Some common hacker exploits and how they work (e.g., Gemalto hack). Case studies and Examples

Introduction to GSM/LTE Networks (Part II) – The Mobile Handset
Session 3 (55 minutes)

  •  Apps & App Stores
  •  Common Mobile App vulnerabilities and exploits & mitigations
  •  Android & Apple vulnerabilities & mitigations
  •  Mobile app ‘State’ and its exploits & mitigations

Introduction to GSM/LTE Networks (Part III) – Authentication & 2FA
Session 4 (55 minutes)

  •  The benefits and drawbacks of OTP’s vs ‘App State’ monitoring
  •  Designing a foolproof 2FA messaging architecture

Securing transactions over GSM/LTE networks (Part I) – Extending network nodes
Session 5 (55 minutes)

  •  Extending & Integrating GSM/LTE nodes into Core Banking Architecture
  •  Case studies – How two banks in the Pacific integrated GSM/LTE nodes into their core Banking architecture

Securing transactions over GSM/LTE networks (Part II) – A ‘Big Data’ design
Session 6 (55 minutes)

  •  A model for using ‘Big Data’ for Mobile Financial Services Cyber-security,
  •  Thoughts on Privacy, Security and Customer Data
  •  Conclusion

End of the workshop

IN HOUSE AND ONLINE TRAINING

While both In-House and Online training can present with cost-effectiveness and time-efficacy, there are some very specific differences between in-house courses and those based online.
The demand for additional courses by individuals or groups of people is increasing. Still, it depends entirely on the preferences of a person what type of training he or she wants to receive. Online courses and in-house training carry some similarities but they are considered to exhibit some very pivotal differences too. Despite that, both types of learning can be really beneficial for attendees.

For Registration and other Training arrangements,
contact us on the detail below.
SOUTH AFRICA Tel: +27 11 057 6001
KENYA Tel: +254 11 353 1082
WhatsApp +27 79 574 0389
info@bmktraining.co.za / www.bmktraining.com