How to safely use mobile bank applications?

Mobile banking is growing rapidly and not only the biggest banks understand that it’s the future, but also the smaller ones. Best mobile banks offer very advanced security solutions like swipe-recognition. Unfortunately for us, customers, not all banks offer the same mobile experience. A bank on your smartphone is a convenient solution, but you have to remember about the security rules. Just as in the case of internet banking, we care about protecting our computer or tablet, so in the case of mobile banking, we should protect our smartphone.

First of all, let’s download apps only from the bank’s official website. However, if the bank’s website sends us to a store, let’s make sure that the software is produced by our bank. Also, always use the latest version of the application.

Set a limit for transfers and mobile expenses. Banks automatically set limits for transactions ordered via the application on the phone. These limits are usually lower than those ordered from the computer via the internet banking service. If the limits for mobile banking are too high for our needs, they can be further lowered. In this way, we protect ourselves against unauthorized transactions.

Let’s use SMS notifications. These are messages that we receive on the phone after each transaction (incoming and outgoing). Thanks to them it will be easier for us to control changes in our account balance and it will be easier for us to assess whether someone sneaked into our account.

In addition, let’s set strong passwords: separate for the phone and for the banking application. The password to the phone (e.g. PIN code, hose, fingerprint) allows you to block the start screen and access to the application. This is particularly important if your phone is stolen. Passwords to the phone and banking applications should not be the same or similar. When they are, the hacker, after breaking one, the other will get as a gift. Passwords have to be difficult to guess and should not be associated with information contained in documents that may be stolen from the phone.

Our smartphone should be equipped with antivirus protection. This type of software detects and neutralizes such threats as viruses, worms, malware. It is best if the security also contains a firewall, which is a firewall that repels attacks aimed at breaking into our device. However, even cheap antivirus software, without a firewall, is desirable. Usually, the operator doesn’t us charge for such a service or the fees are small.

There are many anti-virus security apps available on the market and not every user is able to learn about all of them. However, we should know what operating system our phone supports, so that we can easily find by ourselves – or with the help of a professional – a product suitable for our needs.

However, there are situations when we give our password to others and we don’t act recklessly doing it. We have to do this when the smartphone is handed over for repair. Then it is safest to block the possibility of making any financial transactions on the phone for some time, even for small amounts.

It is worth being vigilant to suggestions to update your operating system. Usually, each subsequent version of the software is more secure than the previous one. However, you have to be careful about sending to your phone text messages containing links with an alleged operating system update. In fact, it can be malicious software that performs unwanted operations on the phone, without the user’s consent and knowledge.

Let’s also make sure that the option preventing installation of software from unknown sources is enabled on the phone.  This way we will increase the security of the device. Moreover, we should avoid logging into mobile banking from someone else’s smartphone or tablet.

Banks also ask us to set up an additional PIN in the transaction service, which will only be used when logging into an account by phone. This password is not stored in the device, so it stays safe even during a theft or cyber attack.

Hackers use various ways to steal our data

A common method used by hackers is to obtain from users of computers and mobile devices, data enabling access to a bank account (e.g. login and password) or data to confirm transactions (e.g. code, password). This can be done e.g. by means of a false e-mail from a bank, containing an attachment, after the opening of which our device gets infected with a virus. Thieves, using malicious software, can remotely control what is happening on our device screen. After taking control of the device, cybercriminals can take over our mobile passwords to approve transactions, which are then used to send money to thieves’ accounts.

Let’s read carefully the content of each SMS message from your bank. Report all unusual situations immediately to the bank. Some banks encourage customers to periodically review the history of transactions, including card transactions. Each time you log in, let’s also check the date of the last successful and unsuccessful login to mobile banking – this may help to detect possible actions of criminals.

Security rules are all the more important as cybercriminals are increasingly taking advantage of vulnerabilities in the software installed on their mobile phone and thus gain access to sensitive data. Such dangerous actions include: taking control over e.g. a smartphone using SSDP and UPnP protocols (allowing communication between devices on the network), installing false software using QR code, or the Bug Stagefright method, which usually involves sending MMS, through which a cybercriminal can penetrate the content of the phone – this method is particularly dangerous because it doesn’t have to be activated by downloading a file or opening an “infected” email or SMS. However, in contrast to typical “phishing”, it’s not necessary to open the correspondence in the form of an e-mail or SMS, nor to download the suggested files. The attacker only sends a message to the indicated phone number (usually in the form of MMS), and then begins to explore its content.

Let’s remember:

Mobile banking is a very convenient solution, which is used by more and more customers. Remember, however, that the security of the mobile banking depends not only on the bank’s transaction system but also on our smartphone and the way we connect it with the Internet. Banks and telecommunication operators ensure that the safety of the carried out transactions are at the highest level. However, in order to effectively defend ourselves against cybercrime, we need to cooperate with banks and telecom operators using the recommended security rules.

But what if the phone has already been stolen? In such a situation, time counts – the phone number must be blocked as soon as possible. Some more precautionary users also temporarily block an account with a bank in order to prevent any transactions. Once the situation is clear, you can easily restore the features the bank has blocked.

Compsmag