10 Dangers of Mobile Banking
Mobile banking may be convenient...
But is it safe? For the most part, experts say yes, but take caution. “As additional people flock to the mobile channel and transactions multiply, the bad guys are paying attention and deploying more attacks against it,” says Julie Conroy, a research director for Aite Group. Here are 10 dangers to be aware of when it comes to mobile banking.
Smartphones and tablets are like tiny computers, so users need to take cautions similar to those used when transmitting extensive private information on a computer. “Mobile banking apps are connected to wireless networks, and these networks are inherently insecure as they broadcast their messages into the open air,” says Ron Vetter, member of IEEE Computer Society and co-founder of Mobile Education LLC.
Studies show that the majority of consumers still don’t have a password on their phone or device, which means that if you lose your phone, technically anyone that picks it up could go ahead and log into the app on your behalf,” Conroy says. Also, your password should be more complicated than, say, 1-2-3-4, to further protect your device and bank account.
If you use your mobile banking app often, chances are you’ve told it to “remember you” upon each visit. But, for optimal security, “One should never allow apps to remember usernames and/or passwords,” Vetter says. Auto-saving your mobile banking passwords gives anyone with physical access to your mobile device access to your money.
If you do banking on a shared mobile device, make sure you are aware of what each user is using the device for. “If they are surfing high-risk sites, there is an increased chance they could be inadvertently downloading key-logging software onto your mobile device and could accidentally compromise your mobile banking session,” Conroy says.
Depositing a check remotely using just a camera and banking app is becoming increasingly popular, but users should be aware that they may not receive their funds immediately. “In many cases, [banks] will protect themselves against fraud by increasing the delay in the availability of funds compared to if you would just deposit that check in an ATM or branch,” Conroy says.
“Consumers tend to assume that just because an application is on an app store, it’s been heavily vetted by either Google, Apple or otherwise,” says Doug Johnson, vice president of risk management at the American Bankers Association. Fraudulent apps can access your financial information if you’re not careful. Download your app directly from your bank’s website to avoid this.
Currently, the majority of mobile malware viruses are written for Android devices. “In the fourth quarter of 2012, 97 percent of all of the malware released into the mobile environment was targeted against Android,” Conroy says. “The Android app store is more open for developers to go out there and publish something.” Other brands are not immune to viruses, she says. Android is just currently “the bad
Be sure to delete all apps before discarding or selling a mobile device. The cleaner your device is, the less likely someone can dig out your personal information. “Use a program that can wipe your phone completely,” Johnson says. For optimal protection, avoid saving sensitive information directly to your phone. “If you have a storage card in [your] device, put your online banking application on that instead,” Johnson adds
If your device notifies you of an update for your mobile banking application, make sure you install it on a timely basis. “Sometimes those updates include security updates, and you want to make sure you have the latest and greatest version of the whole app,” Conroy says. “You really can’t let updates slide when you are dealing with confidential information.” Utilize settings that install updates automatically.
4G and 3G data networks are safely set by universal standards across carriers, but if your device drops into a lower service range, banking transaction security could be compromised. Because mobile apps broadcast data into the open air for transactions, the odds of the message getting intercepted or lost in transit are much greater when the operating network connectivity is low, according to Johnson.