Industry-Leading Security

M-Com employs its proven best practice banking and payments security framework – Mobile SafeGuard – when it comes to security. It has been assessed against industry security criteria by a number of independent systems security experts within and outside banks and deployed into PCI-DSS compliant environments since 2002.

At a high level, M-Com's products offer the following security safeguards:

• Authentication. Mobile banking end-customers and administrative users are authenticated for every interaction with any M-Com application. Authentication can be by username / password or utilize single sign-on technologies.

• Encryption. 128-bit encryption is used for all transactions within M-Com products and between M-Com's server-based infrastructure and bank hosts (such as core banking and payment systems).

• Fraud. M-Com incorporates mechanisms such as transaction validation (e.g. real-time value and velocity checks) and transaction reconciliation processes to proactively detect and address fraud.

• Availability / Resilience. M-Com's technology is protected against malicious attacks through software and server hardening measures.

• Auditability. M-Com's products provide full audit capabilities through event logs and event-based reporting. Intrusion detection technologies enhance the auditability of M-Com-delivered mobile financial services.

• Regulatory Compliance. M-Com's products exceed the regulatory compliance requirements of the US, Europe and other jurisdictions. This includes the auditing and authentication needs arising from Sarbanes-Oxley (SOX), BASEL II and other industry risk management policies and regulations.

Leading the industry with our Mobile SafeGuard security framework is central to M-Com's product development philosophy. Our technology is proven to be safe, robust, resilient and secure. This gives our customers and consumers-at-large confidence in the security of their mobile financial services.