Proposed octave-small based security framework for mobile banking among commercial banks in democratic republic of congo

Abstract

Most customers of commercial banks in the Democratic Republic of Congo have been losing vast amounts of money from their accounts to fraudsters and hackers, who are taking advantage of weak security controls. This has necessitated the present study to be conducted for recommending a mobile banking security framework based on Octave-small approach for commercial banks in the Democratic Republic of Congo.The study adopted a descriptive research design and used 549 branches of the eighteen commercial banks in Democratic Republic of Congo, where theKrejcieandMorgan formula was adopted in obtaining a sample size of 227 respondents. The study findings show that asidentifying critical organisational information has a statistically significant positive influence; identifying threats to information systems critical assetshad a statistically significantpositive influenced; there is statistically significant and positive influence of analysing infrastructure vulnerabilities; and risk mitigation has a statistically significant positive influence on mobile banking among commercial bank in Democratic Republic of Congo. The study recommends anoctave-s based mobile banking security framework comprising of five processes; defining sensitive organizational M-Banking information, identify the security requirements of the vital asset, creating key components of vulnerabilities, create a risk profile for each asset, and developing a corporate security policy and mitigation strategy.