Still, Microsoft is the father of the SDL

Nov 16, 2007 08:35 GMT

Following Google's release of Android, Microsoft has applauded the performance of its own Windows Mobile, the mobile phone operating system that has already established a strong foothold in the market. According to the Redmond company, Windows Mobile is closely tied to Bank of America's Mobile Banking service. At the BAI Retail Delivery Conference & Expo, Microsoft highlighted that the interface of its smartphone operating system was the preferred way of accessing the mobile banking service offered by Bank of America.

"Windows Mobile empowers customers to be productive away from their desk or home, whether they are sending e-mail, managing their calendars or surfing the Web," explained Greg Haislip, industry solutions director for the U.S. Financial Services Group at Microsoft. "With Bank of America Mobile Banking, customers have one more option to connect to important information while on the go."

"Mobile Banking provides consumers with the convenience, security and control of banking anywhere, anytime," added Lance Drummond, e-Commerce/ATM executive for Bank of America. "Consumers can check their balances while shopping, pay bills during their commute and find the nearest ATM for cash - even when they are on the go."

Bank of America's Mobile Banking service is aimed at more than 20 million customers, who can perform banking operations via a cell phone or a smartphone. But, in the end, Windows Mobile is still Windows, and, like any other piece of software, it raises inherent security issues. Security company Symantec, for example, after getting permission from Microsoft to release security advisories for Windows CE and Windows Mobile, has highlighted a few issues. The advisories posted by Symantec can be accessed via this link. Ollie Whitehouse, Symantec Security Response Researcher, put forward the view that mobile phone and smartphone operating systems are just as vulnerable as any other platform.

"The year is 2007, and while I have to be careful not to throw rocks within the greenhouse in which I live, prevention is the best medicine. These days, all platform providers should be adopting security development lifecycles (SDLs). In addition, mobile providers should be looking to employ all exploit mitigation technologies that are understood and available today, such as DEP (data execution prevention), ASLR (address space layout randomization), stack canaries (to mitigate stack-based overflows), heap canaries (to mitigate heap manager attackers). While mobile platforms will present some unique challenges when implementing ASLR due to the use of ROM and execute in place, these need to be addressed in the short-to-medium term," Whitehouse stated.