Octave-Small Based Security Framework for Mobile Banking among Commercial Banks in the Democratic Republic of Congo
Makeusa, Olivier Fumbu
MetadataShow full item record
Commercial banks face severe concerns over mobile banking security issues due to substantial monetary losses on customers’ accounts. Most customers of commercial banks in the Democratic Republic of Congo have been losing vast amounts of money from their accounts to fraudsters and hackers, who are taking advantage of weak security controls. This has necessitated the present study to be conducted by proposing a mobile banking security framework based on Octave-small approach for commercial banks in the Democratic Republic of Congo. The specific objectives were to; determine critical organisational information influencing the design of a mobile banking security framework for commercial banks in DRC, Construct risks to sensitive assets in information systems that contribute to the implementation of a mobile banking security mechanism for commercial banks in the DRC, analyse infrastructure vulnerabilities prompting the design of mobile banking security framework for commercial banks in DRC, analyse risks prompting the design of mobile banking security framework for commercial banks in DRC, and recommend a security framework for mobile banking among commercial bank in DRC. The research followed a descriptive design, where 227 respondents from the 549 branches of 18 retail banks in the DRC were chosen for the survey. Information was obtained using both questionnaires and interview guides. The questionnaire was used to collect primary data, and the interview guide was used to collect data during interviews. The data were evaluated using a quantitative method to produce descriptive statistics used during inferential analysis to build a model. The study concludes that critical organisational data does have a moderately significant effect on the design of innovative banking security frameworks among reta0il banks operating in the Democratic Republic of Congo; threats to vital M-banking assets moderately impact the effectiveness of mobile banking security frameworks for retail banks operating in the Democratic Republic of Congo, Modest essential and positive effect of infrastructure vulnerabilities significantly impacts on the design of the Mobile Banking Security Framework for the Democratic Republic of Congo retail banks and, Risk reduction has a significant moderate impact on the design of these Mobile Banking Security Framework. The results of the study suggest the detection of sensitive operational information, the identification of risks to strategic assets in information systems, the analysis of network weaknesses and risk analysis, the establishment of a security protection policy and mitigation plan are key determinants of the security framework for retail banks operating in the DRC. The study proposes a four-stage octave framework; identifying critical organizational details for M-Banking; consider the security needs of a valuable asset, creating a risk assessment for each asset, highlighting the key vulnerabilities, and establishing an organizational protection and mitigation strategy in place. The suggested architecture model would include a protection mechanism to secure mobile banking, split into three primary security layers: the client, the contact channel, and the server. The study results would enable commercial banks in the DRC to concentrate on developing and enforcing customer-side protection to reduce this banking service system's risks and vulnerabilities.