Mobile banking security tips & how to use financial apps safely

Here are a few simple rules to follow

mobile banking

Mobile banking security tips & how to use financial apps safely. Source:

Can you imagine leaving home without your cell phone today? Hardly, right? And it’s not even about the anxiety of missing an important call, a text, or a social network post. Modern smartphones are also convenient portals to financial services.

Most of us spend lots of our free time conducting online transactions – buying and selling things, ordering meals, paying taxes and bills, or chipping in for a party with friends. All these actions can be done 24/7 in any corner of the world if you have a reliable mobile banking app. Of course, those apps also let us keep track of our finances in real-time. Empowering, isn’t it? Especially for those having no access to traditional bricks-and-mortar bank locations. Digital-only banks and their apps are the keys to financial inclusion in many developing economies.

According to Juniper Research, over 2 billion users were expected to access retail banking services via smartphones, tablets, PCs, and smartwatches in 2018, representing nearly 40% of the global adult population. Moreover, the growth of mobile banking trends accelerated to the extent that mobile banking users now represent 50% of the global banked population.

Coronavirus has done mobile banking another favor. This April, the US saw a 200% increase in new mobile banking registrations, while mobile banking traffic rose 85%, according to Fidelity National Information Services (FIS).

At the same time, concerns about the safety of mobile banking transactions remain. In the 2016 survey conducted by the Federal Reserve, only 8% of respondents had no fears and considered mobile banking safe. The situation couldn’t have drastically changed much,  considering the fact that the number of mobile app fraud transactions increased over 600% from 2015 to 2018. Furthermore, Accenture’s evaluation of 30 mobile-banking apps in 2017 found that all of them had at least one security flaw.

Nevertheless, using mobile banking apps can be quite safe if you follow a few simple rules:

  • Choose strong unique passwords

Trivial, as it may seem, the major role in protecting one’s phone and all personal accounts belongs to the owner. Make sure to apply strong passwords where needed. Strong means combining lower-case and capital letters, numbers, and allowed symbols. If you tend to use the same password for all websites, consider choosing a unique one for your banking purposes.

The statistics of password misuse is incredible. Microsoft recently announced that a staggering 44 million accounts were vulnerable to account takeover due to compromised or stolen passwords. Since an average person reuses each password as many as 14 times, compromised passwords are accountable for 81% of hacking-related breaches, according to the Verizon Data Breach Investigations Report. Hence, if you select the same password for your email account and a banking app, you may get in serious trouble.

  • Use multiple authentication factors

One confirmation from the app user is never enough for a truly safe transaction. Double or even triple authentication procedures may sound too long and obnoxious. And yet, it’s an extra layer of security. If you add biometrics into the equation, your finances may remain untouched even when your phone is stolen. Thieves and hackers can get hold of your device, but they surely can’t copy your fingerprints, palm veins, iris patterns, or facial expression.

  • Avoid public Wi-fi

This rule of thumb is known to many but is still often neglected. We won’t enlist all the security issues with public Wi-fi now. Let’s just say, public networks are more susceptible to breaches and less protected than private ones. So, if you need to access your bank account in a public place, use a VPN or a cell phone Internet connection.

  • Use trusted apps

Mobile banking apps are generally safer to use than bank’s websites. In particular, due to the possibility of biometric authentication. However, this is true only when you use a 100% genuine app.

US security research organizations report that nearly 65,000 fake apps were detected on major app stores in 2018, making this one of the fastest-growing sectors of smartphone-based fraud.

The same year, the IT security firm Sophos Labs published another stunning report claiming that fake apps of SBI, ICICI, Axis Bank, Citi, and other leading banks are available on Google Play and may have already stolen data of thousands of bank customers. The fake apps were well-crafted, bearing logos of respected banks and leaving customers unaware. Yet, some red flags may have signaled the danger.

Some were promising generous rewards, including cash back on purchases, free mobile data, or interest-free loans. Others claimed to be providing a too-good-to-be-true service, enabling users to have cash withdrawn at the ATM delivered to their doorstep. Now, we don’t say banks can’t be that generous or caring about their customers. However, if you see the banking app offering great perks, check the official website of your bank to see whether it’s a genuine offer. Besides, official sites should provide a link to their authentic proprietary apps, so it’s a win-win situation.

  • Prefer iOS

If you have different devices in daily use, choose the one working on iOS for mobile banking purposes. According to a recent study by Positive Technologies, over 50% of mobile banking applications are vulnerable to fraud and data theft due to inadequate security layers.

However, 63% of apps running on iOS devices had a low risk of client-side attacks, compared to 57% of low-risk apps on Android apps. At the same time, 3% of apps running on Android devices were vulnerable to high client-side attack risks, while iOS had no such issues. The majority of flaws are generated from the app’s source code based on deep linking technology.

Deep-linking is used differently on iOS and Android: Developers on Android have more freedom of implementation. This explains the larger number of vulnerabilities in Android applications compared to iOSrnrn
Positive Technologies report
  • Beware of viruses

In the times of pandemic, people have almost forgotten their devices need protection from viruses too. Some malicious software is specifically designed to steal one’s banking credentials.

One example of the dangerous virus schemes is provided by the FBI:

Cyber actors target banking information using banking trojans, which are malicious programs that disguise themselves as other apps, such as games or tools. When the user launches a legitimate banking app, it triggers the previously downloaded trojan that has been lying dormant on their device. The trojan creates a false version of the bank's login page and overlays it on top of the legitimate app. Once the user enters their credentials into the false login page, the trojan passes the user to the real banking app login page so they do not realize they have been compromised

Thus, be careful with any downloaded content or suspicious links, and protect your phones with antivirus software. Remember that safety measures in the digital world are equally important to the social distancing we’re all called to be kept today.


Pay Space

6986 Posts 0 Comments

Our editorial team delivers daily news and insights on the global payment industry, covering fintech innovations, worldwide payment methods, and modern payment options.