Abstract: There is no doubt that mobile payment is the spotlight in Internet finance now. Although users can enjoy quick and convenient services, they have to face with more severe security problems at the same time: the attack incidents, such as cellphone Trojan and privacy leaks emerge endlessly. Lots of viruses which are designed for attacking financial payments can steal users’ personal information including account, password and verification code in the proceedings of remote payment and near field communication. Security issues have already seriously impeded the further development of the mobile payment market. To solve the above problems, discusses the security issues in mobile terminals, payments, network and interactive logic of banking business from financial institutions’ perspective was discussed systematically. In addition, current status of relevant security key technologies are summarized from academic research community and industry fields. Finally, based on related research achievements, the design of system architecture and suggestions for mobile payment security are proposed, which can guide the future development of commercial bank.