Using your phone to access bank accounts, make deposits and pay is convenient, but is it really secure? According to an analysis by IO Active Labs, the answer is…not really. Of the apps it audited, 40% did not validate SSL certificate authenticity, and 70% did not use multi-factor validation. That makes life pretty easy for identity thieves; they only need one piece of information, like a password, to crack into your accounts.
Assuming that doesn’t scare you off from using your mobile device to access your financial information, it does underscore the need to be personally proactive about mobile security. Here are a few hacks and suggested security apps to protect your financial data when you bank on your smartphone or tablet.
Conduct your own mobile security audit. The threat of identity theft is kind of like death: The odds are high that it will happen to you when you least expect it, yet most of us ignore that realty until we’re staring down the barrel of the proverbial gun.
The best way to prepare yourself from being a victim of identity theft or security breach? Simulate what you will face before you’re under the threat to address your vulnerabilities. Role play exactly what would happen if you lost your mobile device:
- Is the password security feature activated on your device? How many minutes pass before it activates when the phone isn’t in use?
- Do you have the information you need to suspend bank and credit card accounts if when you’re near and not near a computer?
- Do you know the phone numbers to each financial institution and credit card providers 24/7 customer service line?
- Do you know the answers to security questions you’ll need to verify your identity with credit card issuers and financial institutions?
- Do you know how to quickly reset account numbers and passwords from a different device, if your phone or tablet is lost or stolen?
- If not, there are security apps that simplify the process: Checkout Lookout Security & Antivirus for Android, or 1Password for iOS.
- What are the odds someone could crack your passwords? (Amazingly, 123456 and “password” are still commonly used).
- If a person was able to log into your phone or tablet, what would they find in it that could be used to infiltrate your other personal information?
Don’t log in to your accounts on open Wi-Fi. By definition, WiFi hot spots are free to the public. You cannot control who is on the network or predict whether that person has the tech skills to start a cybersecurity issue. Resist the urge to log into your bank and credit card accounts on your mobile device until you are on a private, password-protected connection. Though many mobile banking applications use encryption technology to protect your data,it’s better to wait a few minutes to find a secure connection than take the risk.
Use mobile apps instead of browsers. Despite the security concerns associated with lots of supposedly secure apps mentioned above, you’re still better off using your financial institution’s secure mobile banking app than accessing your account info though a mobile browser. Just make sure to download it directly from your financial institution instead of the app store, to confirm you’re not duped into downloading a fake version of it.