"We rely on the security of the phone to allow people to get into the app, but then you have to authenticate yourself against our back-end system," he says.
"During the design of apps we always assume that a phone can be lost," and they keep in mind what would be lost in case someone cracks the encryption. "We continually have ongoing discussions with our usability group about this," he says. "The usability group wants to make it easier for people to use the phone, while the security folks want to make it more difficult."
Sign up for CIO Asia eNewsletters.