Bank of America was one of the first institutions to move toward mobile banking in a big way. Two years into the initiative, Doug Brown, SVPO of Mobile Product Development, discusses:

Brown leads the eCommerce Product Development team at Bank of America, where he is responsible for strategy and new product development for online banking, mobile banking and ATM. Most recently, Brown led the successful launch of the Bank of America mobile banking and bill pay products. He has an extensive background in marketing and technology strategy in the financial services, software and telecommunications industries.

TOM FIELD: Hello, I'm Tom Field, Editorial Director with Information Security Media Group. We're talking today about mobile banking, and with us is Douglas Brown, Senior Vice President of mobile product development with Bank of America Corporation. Doug, thanks so much for joining me today.

DOUGLAS BROWN: Thank you for having me, Tom.

FIELD: Doug, mobile banking is a topic everybody is talking about this year. What can you tell us about Bank of America's pioneering program? How many users do you have now, and how are they availing themselves of your services?

BROWN: We launched in May of 2007 with our service, and currently we have over 2.6 million active mobile banking customers. They are using the service to bank anywhere. They want it on their terms, so we see them performing a variety of banking functions including checking account balances, reviewing transaction details, verifying their payroll deposits into accounts and using the service to pay bills and to transfer funds to other Bank of America customers, for example.

Click to Get Updates on the Latest Information Security News

Company* Title* Email* Subscription Type: HTML Text Government Enews General Government Enews Blogs Enews Careers Enews Training Enews Webinars Enews Podcasts Enews White Papers Enews Banking Enews General Banking Enews Blogs Enews Careers Enews Training Enews Webinars Enews Podcasts Enews White Papers Enews Credit Union Enews General Credit Union Enews Blogs Enews Careers Enews Training Enews Webinars Enews Podcasts Enews White Papers Enews Need Help?

FIELD: Those are great numbers Doug. Do you have any sense of what percentage of Bank of America's total customers that represents?

BROWN: It represents about 12% of our online banking base today.

FIELD: That's great. What's the latest addition to your offerings? I know you are updating this consistently.

BROWN: We're very keen to promote and endorse the new mobile devices and handsets that come to market. So we're working very aggressively to support the most popular phones of our customers first and foremost, so we have applications available for the Apple iPhone, the RIM BlackBerry and Google Android. We're working hard as new platforms are coming to market so that customers can have a great experience on devices such as the Palm Pre and other new ones that are coming to market later this year. Beyond that, we are looking to new functionality and capabilities, where the phone really becomes an integral way to manage your finances, both in terms of managing from the phone itself, or leveraging the phone to be an added security channel, because the phone is something that you always have with you. We use that in a service we offer today called SafePass, which allows customers to receive a one-time pass code delivered to that phone that they can use for fund transfer and other activity in online banking.

FIELD: There are a lot of institutions that look to Bank of America as an example, because you were there first and you were there in such a big way. For institutions just getting into this now, and there are a lot of them, what are the biggest security hurdles that they have to clear?

BROWN: Security for us was very important; that was job one. When we looked at the business problem, we had to make sure that the connectivity between the device and the bank servers is guaranteed secured and that it's an encrypted path for those using mobile web for example. You need to design in your architecture the ability to protect those transmissions to and from the device and then secondly you need to be mindful of the circumstance where a customer might lose their phone. So we designed our application to not store any information or credentials permanently on the handset; once you are done with your mobile banking session, there would be no risk if you were to lose your phone after you finish those transaction sets.

FIELD: But Doug, users don't ever lose their devices, do they?

BROWN: [Laughs] It happens more than people tend to even admit, Tom.

FIELD: I know you're right. Now, being a pioneer and being out there first, you have a lot of success, but you make yourself sort of a target for some of the fraudsters as well. In what ways have you had to address some of these security issues as your service has matured?