Your Phone May be 'Smart' But Are You?
Still have a desktop computer? Don’t admit it. These days, it’s totally last century to have a separate screen and keypad. Those wires and connections? Embarrassingly passé. A land line is, well, laughable. Mobility is the name of the game when it comes to technology. And we’re adopting it at warp speed.
Fifty-two percent of Americans owned a smartphone last year, and by 2017 that number is projected to jump to 77%. Over this same period, the number tablet users is expected to grow from one in three to more than 50%, according to Javelin Strategy & Research, a major provider of data and security advice to the financial services industry.
We’ve reached the point where internet access and information has to be fast and convenient--no matter our location. This is especially true when it comes to financial transactions: We can now deposit a check, buy clothes and pay our mortgage without ever stepping into a brick-and-mortar establishment. The only thing required is wi-fi or a cellular phone connection to the internet.
Last year, 67 million adults used some form of mobile device to communicate with their bank, whether this was to check their balance, transfer money or make a payment. In just five years Javelin predicts this number will double.
And herein lies the problem: Identity thieves are well aware of this trend and working diligently to find weaknesses they can exploit to their own advantage, just as they’ve done with computers. Phishing has gone mobile along with other forms of ID theft. If you’re going to use a tablet or smartphone to make financial transactions, you need to be smart about how you use this technology.
Al Pascual, senior analyst of security risk and fraud at Javelin, says the first step to protecting personal information is to only purchase apps through the app store on your mobile device. The goal is to limit the number of times you transmit your confidential financial information, such as credit card and bank account numbers, passwords, etc. “Apple’s App Store and Google’s Play Store have your card on file. It’s not being transmitted, so it can’t be intercepted.”
The problem is that Android-based devices are based on a platform that is designed to allow third-party apps, he says. “Be careful about what apps you download, especially free apps,” warns Pascual. “If you purchase an app through a third-party app store, there’s the potential for fraud.”
He also recommends downloading a bank's app directly from its website. “Criminals are creating rogue apps that take legitimate bank apps and re-engineer them. They install code to watch your transactions and capture your log-in information.” This is all they need to clean out your account.
Never connect to your bank or credit card website by clicking on a link in an email, which could take you to a bogus site that looks legit, but isn’t. While this type of trick has been used with computers for years, Pascual says you’re more vulnerable to it when using a mobile phone or tablet. “The browser bar on a mobile device is smaller, so you only see the first 10-12 characters of the web address. You don't know you’ve been re-directed somewhere else.”
Android phones have an option that permits you to block the downloading of all third-party apps, something Pascual strongly advises doing.
Do not use wi-fi to make financial transactions, especially if it’s an open wi-fi hotspot where your transactions can be hacked and watched. Use your cellular network instead of wi-fi. It’s much more secure, says Pascual. “A browser has vulnerability in its design. Most are based on the same underlying code. Criminals are pretty familiar with the vulnerabilities of browsers and can back-door their way in and intercept information you enter.”
When you’ve completed your transaction, log out. “Mobile banking apps will keep you logged in for much a much longer period of time- 15 minutes. That’s significantly longer than online websites.” Some don’t time out at all. If your phone or tablet is stolen, your account is a sitting duck.
The following should be a no-brainer, but according to Pascual, many of us are either extremely trusting or just plain lazy since he says many of us don’t assign a pin and/or password to our mobile devices.
Today, the majority of financial transactions are still be made over desktop or personal computers. But “over time,” says Pascual. “as the use of mobile devices grows, they will increasingly become targets.”
Take it from a guy who describes himself as “extremely paranoid” and yet sometimes uses his mobile devices for banking and other financial purposes. But here are his three last tips:
- Always use your cellular network (Not wi-if)
- Always log out
- Always lock your phone