Judging by the number of television commercials touting the benefits of online banking — you can transfer money while waiting in line at the grocery store, or in the amount of time it takes to warm up for a tennis serve! — you might think that anyone with a smartphone is using their bank’s mobile application. After all, it’s hard to beat the convenience of instant transfers, making deposits without visiting the bank, and the ability to check your balance before you hit the checkout line.
Yet according to one recent survey, 44 percent of U.S. consumers said that they would never use mobile banking apps, in large part because of fear of security risks.
What Are the Risks of Mobile Banking?
For many people, the idea of using a mobile banking application sets up the potential for a worst-case scenario: Their smartphone is lost or stolen, and the thief is able to gain access to their banking information via an application — and easily transfer every single penny to their own account, all before the owner of the phone even realizes that it’s missing. So while they recognize the convenience of mobile banking, the risk just feels too high. It would be bad enough to have emails, photos, social media, and contact lists fall into the wrong hands; banking information could be devastating.
It doesn’t help that another study claimed that as many as 90 percent of all of the top mobile banking applications contained flaws that could potentially be exploited to compromise security. Some of the flaws that researchers discovered included lack of SSL-encryption on certain links within the application, links that could allow hackers to access the application and create fake log-in screens, and errors that could allow hackers to inject malware via the app that would send emails or text messages or make calls from the device. Not all applications contained all of the errors, though, and none of the apps has reported security lapses due to these flaws. In fact, many of the errors identified in the studied applications have since been mitigated — yet consumers still hear “90 percent of applications are dangerous” and shy away from mobile banking.
Avoiding the Risks
Many banks have approached mobile banking security the same way that they approached online banking security, and have taken steps to secure their apps to provide customers with peace of mind and convenience. Applications are now being developed to co-exist with the security features already built in to smartphones, including biometrics and features like Google’s Trust Zone, which helps protect against software hacks.
Still, there are steps that users can take to protect themselves when using banking applications.
Install antivirus protection. Experts note that one reason that smartphones tend to be vulnerable to attack is that users fail to treat them as what they are, which is handheld computers. You wouldn’t run your computer without antivirus, so why are you assuming that your mobile device is safe? Install an Android security program that includes antivirus protection to keep your apps and information safe.
Avoid banking on public Wi-Fi. When you use public Wi-Fi, whether on your computer or on your phone, there’s always a chance that anyone in the vicinity could tap into your connection and see what you are doing. If you are going to use mobile banking, do so only on a secure, encrypted connection.
Use a strong password. Your banking password should be one of the strongest credentials you create and should only be used for banking. Follow current best practices for your banking password: at least eight characters, combination of letters, numbers, and symbols, and avoid using any dictionary words. Never store your banking username and password on your device, even if your bank’s app allows you to.
Download from a trusted source. Fake banking applications are a concern, so only download your bank’s app from a trusted source, preferably the bank itself. Some banks will even text you the link to the download.
Use your phone’s security features. Most users fail to do things like lock their phones using a code or biometrics. Learn about your device and take advantage of the installed features.
Notify your bank. If your phone is lost or stolen and you use mobile banking, notify the bank immediately. They can lock down your account for your protection, and may even be able to help you locate the phone using the device’s GPS.
While there will always be risks involved with banking — even if you visit a teller, things can still go wrong — there is no need to fear mobile banking if you take the right precautions. So go ahead and download that app, and get your banking done even when you’re on the beach or at the tennis court.