Note: This article is part of our Basic Banking series, designed to provide new savers with the key skills to save smarter.
As more and more banks enhance their mobile applications and customers increasingly bank online, there is growing scrutiny on the safety of these transactions.
Many of us are asking the following questions: Is mobile banking safe? Is it better to stick to teller windows, paper checks and ATMs? Can we confidently use the digital resources that are making money management easier than ever?
It can be alarming to read news like the recent report that cyber-attackers attempted to breach nearly 740,000 mobile banking accounts at Italy’s largest bank, UniCredit.
We’ve become used to hearing of such problems with banks and other financial institutions, including extremely high-profile incidents like the 2017 breach of credit reporting agency Equifax that compromised millions of customers’ personal information.
While such offenses are certainly alarming, the good news is that they are rare: Experts say that the risk of cyber crooks penetrating online banking systems is generally low. There are security flaws in many apps, so there are still risks, but usually the weakest link in these systems is how customers manage their online security. That means we have a lot more control than we may think over protecting our finances online.
In this post, we’ll explain how.
Mobile banking risks
A system is only as strong as its weakest aspect, and mobile banking customers tend to present that weakness. Fraudsters can easily take advantage of security gaps left open when mobile devices aren’t running with the latest operating system updates, using weak passwords or lacking other protections like firewalls and antivirus software.
Many phone users don’t treat the security of their mobile devices with the same concern as they do with their laptops and desktop computers. People aren’t as prone to installing operating system updates on their phones, or running antivirus and anti-malware programs that can detect and prevent security breaches. A troubling 43 percent of mobile device users don’t even have any kind of passcode, PIN or pattern lock set on their phones, according to Accenture.
While user error poses the largest risks for mobile banking security, there are relatively low risks from other aspects of the system, including networks and the apps themselves. Risks from network insecurity can be mitigated by customer vigilance in when and where they do mobile banking. But banks themselves are responsible for ensuring the highest security for their apps.
A 2017 Accenture study of 30 mobile banking apps found at least one security flaw in every single one of them. A quarter of them had at least one high-risk security flaw, leaving customers vulnerable no matter the security precautions they took on their own phones. Customers should watch out for how their bank handles mobile security.
How to protect against mobile bank fraud
As a mobile banking customer you have a lot of control over the level of protection you enjoy as you bank on your phone or tablet. Here are some tips to make sure you are not the weak link in the security chain.
- Set strong passwords for your bank apps and set up fingerprint or face ID if it’s available to you. Make your passwords long, complex, unique and hard to guess by using a combination of uppercase letters, lower-case letters, number and symbols. Change your password regularly. Using a secure password-management software can help you avoid writing them down, which presents its own risk.
- Use a secure network connection. Banking on public Wi-Fi, particularly unsecured networks, is never a good idea. Avoid banking in public places, or use a virtual private network (VPN) to ensure your connection is secure and your data is encrypted.
- Install updates regularly. The companies that make your operating systems and software continuously update their products, in part to close any security gaps or loopholes. It’s essential that you keep your operating system and apps up-to-date in order to ensure the greatest possible level of security.
- Run security software. There are many antivirus and anti-malware applications that protect computers from attacks. Mobile phone users may not consider these as important for their devices as they do for their computers, but you can vastly increase your mobile security by using a mobile antivirus and/or malware-detection app available from a trusted company.
- Sign up for fraud monitoring. For those particularly concerned with the security of their online banking can go the extra mile by signing up for fraud-monitoring and identity-protection services that can monitor your accounts for any suspicious activity.
- Use a security-focused bank. If you have done your due diligence as a customer but feel that the app your bank provides has security flaws, your best bet is to switch to a bank that takes mobile security more seriously. Things to look for in mobile banking apps are two-factor authentication, tiered authentication that presents higher security for higher-risk activities, a limited allowance for log in attempts and automatic time-out after a period of inactivity.
It takes only a little bit of extra vigilance and security-mindedness to ensure that your mobile banking experience is as secure as possible. If you do your part as a customer, the risks from mobile banking are relatively low and you can bank with confidence this way.