IBM-Apple Deal: Turning Point for Banks?

Experts Weigh Pros, Cons of Broader Apple Device Use
IBM-Apple Deal: Turning Point for Banks?

Security experts say the new alliance between IBM and Apple could lead to broader use of iPhones and iPads at banking institutions if the partnering companies demonstrate adequate security and scalability.

See Also: Webinar | Beyond Managed Security Services: SOC-as-a-Service for Financial Institutions

On July 15, the two vendors announced a deal in which IBM will sell Apple iPhone smart phones and iPad tablet computers loaded with IBM apps for the banking, healthcare, insurance, retail, travel and telecommunications sectors.

But the potential benefits of running enterprise apps on mobile devices may not be enough to relieve some of the security concerns financial institutions have, says Avivah Litan, fraud analyst at the consultancy Gartner. "Banks need to see the proven ability to keep devices clean from malware, the ability to make sure that applications and the environment are secure, and that users can strongly, yet easily, authenticate," she says. "They also need robust device management capabilities for iOS devices."

Penetration into Banking Market

Al Pascual, a financial security expert and lead analyst with consultancy Javelin Strategy & Research, says that Apple may find it easier to penetrate the banking market now that it has the backing of IBM, a well-established software provider within the financial sector.

While many banking institutions have remained committed to the BlackBerry as part of their mobile strategies because of its perceived superior security, IBM's alignment with Apple could change that, Pascual says.

"Among enterprise customers, iOS devices have traditionally been perceived as less secure than BlackBerry, but the IBM relationship should help to even the playing field," Pascual explains. "Enterprise customers could leverage Touch ID as an additional authentication factor." Touch ID is a fingerprint recognition feature available on the iPhone 5S.

The additional authentication provided within the iPhone 5 is making the iOS more attractive to banking institutions, which have historically been leery of allowing employees to remotely access internal networks and systems with mobile devices, he says.

The new vendor alliance "brings together the best of both worlds - the enterprise know-how of IBM and the consumer-centric design of Apple," Pascual adds. "BlackBerry recently opened up their MDM [mobile device management] platform to allow for the management of other types of devices alongside BlackBerry devices. And when that opportunity is considered along with the benefits from this new partnership, it is likely that iOS devices will gradually displace BlackBerry as the solution of choice among FIs [financial institutions]."

To help gain bankers' support, IBM must demonstrate how Apple's devices can secure data at rest and segregate consumer apps from enterprise apps, says Eldon Sprickerhoff, founder and chief security strategist at eSentire, a threat mitigation provider whose clients include financial institutions.

Another challenge in getting financial institutions on board with Apple products is that most banks already have hardware in place with authentication keypads and fingerprint readers. "Financial institutions don't move all that fast," he notes.

Partnership Kicks Off This Fall

As part of its alliance with Apple, IBM plans to develop software and offer services that are optimized for the iOS 8 operating system.

IBM and Apple say their partnership will be grounded in "four core capabilities":

  • A new class of more than 100 industry-specific enterprise solutions, such as banking apps for mobile teller and wealth management, developed exclusively for the iPhone and iPad;
  • IBM cloud services optimized for iOS, including device management, security, analytics and mobile integration;
  • New AppleCare service and support offerings tailored to the needs of enterprises; and
  • New packaged offerings from IBM for device activation, supply and management.

"With a market environment that is increasingly regulated and the cost of doing business on the rise, banks are rapidly turning to mobile technologies to drive business innovations," says Glenn Finch, a banking transformation leader within IBM's Business Analytics division.

But a recent IBM survey shows banking leaders struggle with mobile security, Finch says. Some 71 percent of the banking CEOs and IT managers surveyed say security is their most significant mobile enterprise challenge.

"Like most industries, banks clearly see the potential for mobile, but they question the security of the data," Finch says. "They struggle with integrating a mobile plan with the core data and processes of the rest of the enterprise. And they still haven't seen the straight line to real ROI [return on investment] on mobile investments."

Mobile Apps

Banking institutions also struggle with integrating mobile apps with legacy systems, he says. "Nearly half of banking respondents said they believe mobile is fundamentally changing the way their organization does business," Finch says. "Even so, banking organizations are still struggling to integrate mobile applications with other applications and back-end systems."

To address that challenge, Finch says the deal between IBM and Apple aims to transform enterprise mobility through new business apps that bring IBM's big data and analytics capabilities to the iPhone and iPad.

But securing massive amounts of data that financial institutions collect is another issue for the two vendors, says eSentire's Sprickerhoff. "Where are you going to put all of this data?" he says. "How do you ensure connection to the data is secure? How do you ensure people have appropriate access to data as it's being gathered and making sure it doesn't leak out of the hardware itself to different applications?"

(News writer Jeffrey Roman contributed to this story.)


About the Author

Tracy Kitten

Tracy Kitten

Director of Global Events Content and Executive Editor, BankInfoSecurity & CUInfoSecurity

Kitten was director of global events content and an executive editor at ISMG. A veteran journalist with more than 20 years' experience, she covered the financial sector for 10+ years. Before joining Information Security Media Group in 2010, she covered the financial self-service industry as the senior editor of ATMmarketplace, part of Networld Media. Kitten has been a regular speaker at domestic and international conferences, and was the keynote at ATMIA's U.S. and Canadian conferences in 2009. She has been quoted by CNN.com, ABC News, Bankrate.com and MSN Money.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.