Executive Vice President and Chief Security Officer, Customers Bank
It’s no secret that mobile banking has completely revolutionized how we, as consumers, manage our finances. From making deposits to checking balances to paying bills, we are increasingly performing our most fundamental banking tasks from the convenience of our mobile devices, 24 hours a day, wherever and whenever we please. In fact, mobile banking has nearly tripled in use – from 23 percent to 64 percent – among U.S. adults in just the past five years, reports ResearchandMarkets.com. According to a recent report from the financial services software provider Fiserv, the use of mobile services like digital wallet use, mobile bill-pay, and person-to-person (P2P) services isn’t just growing; it’s skyrocketing, with an average of nearly 50 percent growth compared to last year.
However, the security of mobile banking transactions remains a serious concern. While more than half of U.S. adults “want to be connected to the web at all times,” according to Fiserv, an equal percentage strongly distrust Internet security and privacy. It’s the greatest paradox of modern-day banking: how can we want the convenience of mobile banking, and be so afraid of it at the same time?
The good news is this: mobile banking does not need to be synonymous with risk. The threat of cyberattacks is relatively low thanks to the system requirements and precautions that banks already have in place. As for other threats: as consumers, we are our own strongest security advocates, capable of keeping our data secure when using our phones to conduct banking – as long as we know how.
Here are some tips to help you enjoy the convenience of mobile banking while keeping your data safe.
Avoid using unsecured wireless access points, such as those found at airports, coffee shops, and hotels, when logging in to your accounts through your mobile device. Unsecured wireless access points are easy to intercept, putting your login information – and the data it protects – at risk. Only use secured wireless access when you’re banking from your mobile device.
Never download banking apps on a “jailbroken” device — one that’s been modified to let users make changes and download apps that aren’t normally accessible or approved for that device — because, when you do, the operating system’s security layer is no longer enforced. Also, be sure to download the app only from your device’s native app store. Avoid apps that require third-party permissions.
Cyberattacks often attempt to leverage “bugs” found in outdated versions of bank apps. Check regularly for updates to your bank’s mobile app, and make sure to download the most current version of it, along with the most current operating system for your device.
Avoid using the same password across multiple online accounts, and make sure you create a strong password that is a mix of upper and lower case letters, numbers, and special characters. Avoid using any words or phrases that contain your name, initials, or your birthdate. For maximum security, update your password every few months.
Most banks offer some form of multi-factor authentication like a one-time passcode (OTP) delivered via voice or text. This will thwart criminals that may have compromised your credentials. Also, enable alerts where money leaving your account is involved, as in, when a new bill payee is created or a large amount of money leaves your account. This will help you detect unauthorized activity.
Your bank may send you e-mail and/or text alerts and updates. When they do, avoid clicking any links in the e-mail and instead log into your bank’s app to ensure that you’re entering a secure site. In addition, don’t respond to emails or text messages that ask to verify your identity by providing your username or password. Banks will not ask for this information via email or text.
Set the screen on your mobile device to lock after a certain amount of time and use a password and/or a biometric indicator to unlock your mobile phone. Also, use PINs or other security features enabled on your smart watch. Avoid storing your passwords on your mobile device.
Check your accounts regularly to make sure all transactions posted are transactions that you authorized. Report any fraudulent or suspicious activity to your bank.
Banks and other financial institutions do everything possible to prevent data breaches. By taking the steps above, you can do even more to ensure that your mobile banking experience will be safe and secure.