Convenience is simply what most people want in their lives. Whether it’s a quick meal or an easy commute to work, the goal is usually to make the tasks we must do all the time easier. The same holds true with our normal banking transactions. Most banks have realized this, of course, and adopted new features so that we might avoid those long lines and get our business done more quickly. The pinnacle of this effort can be seen in the number of mobile banking apps available to bank customers. Gone are the days of actually physically going to the bank. Instead, you can check your accounts and pay bills all from the convenience of your own smartphone. There may be a downside to all this convenience, however, and it all comes down to security. A recent report of 40 mobile banking apps highlights that most of them have some serious security flaws. So how can you know if the mobile banking app you use is safe? Here are some points to check out.
According to the report, a full 70 percent of tested apps had no support for the fairly common feature of two-factor authentication. This feature usually works by sending you a one-time use code (normally via text message) whenever you put in your account password. This means that even if cyber criminals somehow get hold of your password, they’ll be out of luck if they don’t have your phone as well. While two-factor authentication is used for numerous accounts out there, like email, for some reason it hasn’t quite caught on for mobile banking apps. Make sure your app has the feature, or else you’re best off avoiding the app altogether.
One of the more alarming findings from the report shows that 90 percent of mobile banking apps didn’t use SSL encryption for some of the links in the app. The mobile apps still used encryption at other points, which makes the lack of it in other areas all the more confusing. When encryption isn’t used, it increases the chances of criminals intercepting sensitive data, and considering the kind of data they could steal from a banking app, that’s simply too big of a risk.
All mobile banking apps of any reputable background will have password protection, but it’s up to you to make sure it’s used correctly. Any password that’s protecting your bank account information should be one that’s tough to guess, usually seven or more characters with a combination of capital and lowercase letters, numbers, and symbols.
When you have decided on your password, make sure you have to input it each time. In other words, don’t select the auto-fill option; should your device fall into the wrong hands, it would render the password pointless.
As important as the security features on your app are, of equal importance is the type of connection you have. Even the strongest encryption and fastest two-factor authentication won’t do much good if your network connection is unsecured. This is especially important since more and more businesses are allowing employees to use their own devices at work through bring your own device (BYOD) policies, in turn raising the issue of BYOD security. If your company’s network isn’t secure, then any data transmitted through that network could still be picked up by attackers. If you’re unsure about your current connection, don’t use your mobile banking app until you’re in a place with secure Wi-Fi. Above all else, you’ll want to avoid accessing your banking app when on a public Wi-Fi network.
The security failings surrounding mobile banking apps are sadly a legitimate concern. While banking institutions will no doubt work to improve their security features, for now, any transaction done on a banking app should be done cautiously. Attackers are seemingly everywhere, ready to steal your data, install malicious mobile malware, and even take total control of your device. Even with big data analytics and malware experts working to prevent such attacks from happening, the risks still remain. Taking the cautious approach is always advisable, so every step you can take to make sure your banking app is secure is one step closer to safer online transactions.
~ Rick Delgado