Yes, we hold mobile banking up to the same rigorous standards for security and privacy as all our online services. During the development and beta process, we underwent an exhaustive review by a third-party security auditing firm, who performed both external penetration testing and a source code review.
It's Me 247 mobile web banking passed this very intensive audit with high marks, having no high-risk vulnerabilities found. Medium-risk vulnerabilities that were found and addressed include advanced forms of attacks including cross-site scripting (XSS) and cross-site request forgery (CSRF). Further improvements were made to the hardware and network technologies used to deliver It's Me 247, reducing the ability of attackers to gain information about the infrastructure that hosts online banking that could potentially be used in attacks. All these improvements were made to both the mobile web and the already heavily audited and secured It's Me 247 online banking platform.
We even made a change to e-Notices specifically because of mobile web banking: member personal information is masked on e-Notices so that no one can watch over your shoulder while you are using your mobile device (or your PC!) to review your messages.