The Swedish Data Inspection Board (DIB) has advised Danske Bank that the changes that it has planned to its mobile app netbanking system, do not satisfy the Board’s requirements on the safety of personal information.
The ruling, which can be appealed, follows the DIB’s approaches to Danske Bank, Nordea and Handelsbanken operating in Sweden in 2012, informing them that their apps did not live up to Sweden’s personal information security requirements.
“We will not be appealing the Board’s decision, but we will be working with them,” says Jesper Nielsen, Danske Bank’s Head of Business Development.
“Danske Bank is satisfied with the safety of our mobile solution, but we take the Swedish Board’s response very seriously and will be entering into a dialogue with them to find a solution,” Nielsen says, adding the bank has had no complaints from its users, nor has it been approached by the Danish Data Protection Authority.
Nielsen says that Danske Bank is considering a variety of options in connection with the Board’s response, including those being adopted by the other banks.
The Board’s latest ruling, based on responses from the three banks on intended changes to their systems to bring them in line with requirements, accepts plans from Nordea and Handelsbanken, but not from Danske Bank.
While the integrity of bank accounts is not at risk, the personal information that is available in connection with netbanking through the mobile app is.
Danske Bank had responded to the Board saying it planned to employ Behavioural Biometrics as an addition to its various pin-code systems – by identifying a person through various parameters of their behaviour that are seen as being unique. This could, for example, be the speed and key pressure a person used to key in data on their cellphone.
Nordea and Handelsbanken on the other hand, both of whose planned corrections the Board has approved, suggest that their app be restricted to a single mobile phone.
FACEBOOK – Follow Politiken’s News in English