With mobile apps now offered by virtually every financial institution, more and more people are choosing mobile banking as their preferred method of payment. In the United States alone, more than 75% of Americans used mobile banking apps in some form in 2019, with financial data studies suggesting that mobile banking has grown significantly in 2020 and will continue to grow in the years to come.
This has led many to wonder how secure mobile banking really is, especially in light of the rise in cyberattacks in recent years. In this article, we cover mobile banking security as well as some of the best practices you can adopt to ensure a secure mobile banking experience.
How Mobile Banking Works
Basically, mobile banking is a service provided by banking or financial institutions that allows customers to conduct financial transactions on a mobile device (i.e. mobile phone, tablet, etc.) . Mobile banking is generally app-based, meaning most banks offer apps that customers can download and access their bank account. From there, most mobile banking apps allow customers to pay bills, track expenses, transfer funds, and even deposit checks.
Types of mobile banking cyberattacks to watch out for
Due to its convenience, more and more people have turned to mobile banking as their primary means of payment, especially during the pandemic when many banks have temporarily (or even permanently) closed their physical branches. With this recent uptick in adoption, the FBI has warned of exploit techniques that cyber actors could use to target mobile banking customers, including fake banking apps and mobile banking trojans. apps.
Fake banking apps
As the name suggests, fake banking apps are designed by cyber actors to impersonate genuine banking institutions, with the aim of tricking customers into entering their login credentials. How this is accomplished is that the fake app can display an “error” message after a login attempt, or take advantage of smartphone permission requests to bypass and obtain security codes sent to users via SMS.
App-Based Banking Trojans
Banking Trojans are malicious programs that can be disguised as other applications, such as games. Once downloaded, the Trojan will be triggered when a user launches a legitimate banking application and then creates and overlays a fake version of the bank’s login page on top of the legitimate application. Once the client enters their login credentials in the fake page, the Trojan redirects them to the real login page so that the user does not know that they have been compromised.
Tips for Improving Mobile Banking Security
As banking institutions invest heavily on their own to secure their customers’ accounts, here are some precautions you can take to increase the security of your mobile banking experience.
Be sure to download an official banking app
By far the most efficient and secure way to download a mobile banking app is through your bank’s website. Most banks provide links to their official app on their website, which will redirect you to the app store page where you can then download the app to your mobile device. To make sure you are downloading the official banking app, check the owner or developer of the app.
Avoid using public Wi-Fi
Although it can be convenient, avoid using public Wi-Fi when doing mobile banking. Public Wi-Fi networks are generally unsecured, which means that others can monitor your actions online, putting you at increased risk of being exploited by malicious actors. If possible, use your cellular network if you need to access your mobile banking app in public, or wait until you’re home to use your home Wi-Fi.
Set a strong password
Password security remains one of the best ways to protect against cyberattacks. A strong password should be unique and contain a random mix of upper and lower case characters, numbers and special characters. Passwords should preferably not be repeated across multiple accounts. If you have trouble remembering your passwords, use reputable password manager software rather than a password manager built into your browser.
Take advantage of 2FA or MFA
Although two-factor authentication (2FA) and multi-factor authentication (MFA) on their own are not completely secure, they provide additional layers of security by requiring users to confirm their identity in multiple ways. Most mobile banking apps today offer 2FA or MFA as part of their standard mobile account setup. These usually come in the form of SMS or biometric (i.e. Touch ID) security codes and can be enabled in your mobile app‘s security settings.
Set up alerts by email, SMS or in the app
While mobile banking alerts can be set to notify you of account payments and transfers, they can – and should – also be set to notify you of potentially fraudulent or suspicious activity. This way, when a suspicious transaction occurs that does not match your usual banking or spending habits, you will immediately receive an alert about it. Often, you will also be able to approve or decline the transaction by responding to the alert.
Should you use a mobile banking app?
Ultimately, mobile banking has increasingly become people’s preferred means of payment due to its convenience and due to its growing popularity, most banking institutions are responding accordingly by investing heavily in technology. high-end encryption to secure their customers. . With a few extra security precautions on your part, there’s no reason why you shouldn’t use a mobile banking app.
Gary Wilkinson’s Story