Evidence-backed regulator content

Bahrain Mobile Banking Security Mandates

- **CBB** — primary supervisory authority for digital banking and payment security.

Primary regulator: CBB

1 official sources registered

Source confidence: 50%

Executive Summary

Bahrain mobile banking applications are subject to cybersecurity and fraud requirements published by CBB. Mobaisec indexes official regulator sources only and extracts keyword-evidence controls — no fabricated mandates.

0 mobile banking controls indexed from 1 official sources.

Regulator Overview

CBB — primary supervisory authority for digital banking and payment security.

Mobile Banking Requirements

Official sources are registered below. Run governance crawl to extract keyword-evidence from published HTML/PDF guidance.

Fraud Controls

Fraud prevention & transaction monitoring requirements are addressed in national banking cybersecurity guidance for Bahrain.

MFA & Authentication

Strong customer authentication requirements are addressed in national banking cybersecurity guidance for Bahrain.

Runtime Protection

Root, jailbreak, and runtime integrity requirements are addressed in national banking cybersecurity guidance for Bahrain.

Device Trust

Device binding and trust requirements are addressed in national banking cybersecurity guidance for Bahrain.

Session Security

Session timeout and re-authentication requirements are addressed in national banking cybersecurity guidance for Bahrain.

MASVS Mapping

Mapped to OWASP Mobile after control extraction completes.

Mapped to PCI DSS Mobile after control extraction completes.

Common Violations

Typical APK assessment gaps: missing certificate pinning, cleartext traffic, weak root detection, hardcoded secrets, excessive permissions, and insufficient session timeout.

Enforcement Risks

Non-compliance with regulator-published mobile banking and operational resilience requirements may result in supervisory findings, remediation orders, and restrictions on digital channel expansion.