About Mobile Phone Banking

China's mobile banking business began in 1999. Like WAP, early mobile banking had a high threshold for use and a poor user experience. However, the bank was only satisfied with the concept propaganda and did not really work hard on the content, which dampened the enthusiasm of some customers interested in the business, leaving customers with more negative impression on mobile banking and making the development of the business not smooth. However, with the continuous progress of information technology and the gradual change of banking business philosophy, the basic conditions of mobile banking in China are gradually maturing. Especially with the rapid development of mobile terminals, the quality of wireless network has been greatly improved, and the problems that originally restricted the development of mobile banking have been gradually solved. Since 2004, the mobile banking business has regained the attention of all banks. Many banks, including China Construction Bank and Bank of Communications, have launched their own mobile banking systems.

System architecture of WAP mobile banking

WAP has been used for mobile internet in China since the late 1990s, but it was not popular in the market at that time. The root cause was that WAP was based on dial-up mode at that time, the internet speed was slow, the cost of charging by time was high, and the support of mobile terminal was lacking. Now, with the improvement of network conditions, the above-mentioned obstacles restricting the development of WAP technology no longer exist. Mobile 2.5G GPRS network and Unicom 2.75G CDMA1x network have cultivated tens of millions of WAP users, and a huge new network application is being popularized. At the same time, as the most concerned security issue for banking applications, it has also been solved with the upgrading of WAP 1. x and 2.0 mobile terminals and WAP gateways.

The Bank of Communications has seen the maturity of WAP application, fully learned the experience and lessons of other banks' mobile banking business, paid attention to reducing the threshold of customers' use, and launched the mobile banking based on WAP communication mode.

The mobile banking system of Bank of Communications adopts a three-layer architecture system, which is the access layer (client mobile phone), business support layer (mobile banking service system) and banking business platform. Mobile banking customers' mobile phones use WAP access technology to interact with the mobile banking system through their respective operators' gateways, and the mobile banking system then interacts with various banking business systems through the online banking gateway.

Mobile banking of Bank of Communications can connect China Mobile and China Unicom at the same time, with a wide geographical coverage and a wide range of applicable customers. Compared with other similar products on the market in 2013, it has obvious advantages such as rich functions, convenient operation, safety and reliability, and simple application procedures. In 2013, this mobile bank can not only provide personal financial services such as account inquiry, card-card transfer, credit card repayment, verbal loss reporting, mobile phone recharging, but also can be used for fund transactions and foreign exchange treasure transactions. In addition, it also provides public information services such as foreign exchange trading price, market, consultation, K-line chart inquiry, stock and securities inquiry.

Security of mobile banking of Bank of Communications

In the mobile banking system of Bank of Communications, if the protocol supported by the customer's mobile phone is WAP 1. x, the WAP 1. x architecture is adopted. The security between the mobile phone and the gateway (mobile or Unicom gateway) is guaranteed by the WTLS (wireless transport layer security) protocol. WTLS is the wireless version of TLS security protocol. WTLS can ensure the data integrity, confidentiality and authenticity between the mobile phone and the gateway. The security between the gateway and the bank's WAP server is guaranteed by the optional SSL (Secure Sockets Layer) or TLS (Transport Layer Security Protocol).

SSL ensures the data integrity, confidentiality and authenticity between the gateway and the WAP server. If the protocol supported by the customer's mobile phone is WAP 2.0, then the customer's mobile phone has directly supported various Internet communication protocols, and the security between all mobile phones and the bank's WAP server is directly guaranteed by the optional TLS. This is transparent to the intermediate gateway (wireless IP routing). TLS ensures the integrity, confidentiality and authenticity of the data between the customer's mobile phone and the bank.

The mobile banking system of the Bank of Communications supports both the above two protocols and provides security assurance based on this WAP security architecture. When customers conduct business transactions, key sensitive fields of customer transactions are encrypted. For transactions between customers, key fields are encrypted using industry-recognized security encryption algorithms to ensure the security of customer transactions. It is worth mentioning here that due to the lack of understanding of new technologies, people tend to pay special attention to the security of mobile banking, and even stay away from such service means as mobile banking. In fact, due to the operator's encryption algorithm for air wireless transmission encryption, the key is stored in the card on the user side and in the equipment of the infrastructure on the network side, and the use of a variety of defense mechanisms such as slow frequency hopping technology, it is technically very difficult to achieve the purpose of stealing wireless signal content without the help of the infrastructure on the network side (such as MSC/VLR, HLR, etc.). The banking department, as an application development unit, will also pay enough attention to the security of mobile banking. Therefore, mobile banking in 2013 has sufficient security assurance from the application itself.