Internet is a digital jungle and the greatest vulnerability of this jungle is “security”. In this column, I will talk about the mobile banking space vulnerabilities and corrective measures.
Mobile banking is exploding. The Yodlee Interactive study discovered the dwindling nature of physical banking and the dependence on smartphones for banking needs. With more than 50% of bank account holders accessing accounts over smartphones, mobile banking is the new vulnerability sinkhole due to the rising number of malware. The 2016 Mobile Threat Report gave us this:
Notice the number of malware detection around the globe, every hour. The numbers are staggering!
With rising technology advancements, businesses adopted mobile banking for transactional ease but without proper security measurements, your business is at risk.
7 Ways to Protect Your Identity and Business
Here they are:
#1 Enable Two-Factor Authentication
Most banking apps come with two-factor authentication facility. The app sends the mobile number a code to be entered after the login name and password is filled. The authentication code ensures you’re the rightful person to access the account. The same goes for online banking dashboards.
If you don’t have either, visit or call the bank customer care for two-factor authentication service enabling.
#2 Use a VPN
A Virtual Private Network (VPN) is THE best method to access a bank account when operating under unsecured connections such as while travelling or using a public Wi-Fi. In public connections, anyone can snoop, record and misuse information. If banking is absolutely necessary under some situations and you’re unsure of network security, use a VPN. A VPN like Express VPN allows you to install it on multiple devices and conduct secure transactions from anywhere.
A VPN encrypts your network and therefore, nobody can misuse it. Read this Yahoo post on how someone hacked someone’s Internet line real-time and delivered a cloned banking website. If this doesn’t convince you to take a VPN, nothing will.
#3 Use a Password Manager
A basic tip but a worthy one! The Internet world riddles us with the need to memorise every password or write them down somewhere. Memory can fail and you can forget the password diary. The best alternative is to use a secured alternative like LastPass. I am using it for last one year and I don’t need to memorise any password. Simply install their Chrome browser extension and/or app, and the only password you ever need to remember is the LastPass password.
It’s both free and paid, and don’t share the password with anyone.
#4 Use Cellular Data
If you don’t have VPN access and need to access bank account in an unsecured connection, turn off the Wi-Fi and use the mobile data plan instead. Why? It’s harder for criminals to latch itself into cellular data and steal information.
#5 SSL Connection
All your data can be intercepted without a SSL (Secure Sockets Layer) connection. The SSL certificate is there on the website to assure the user of the authenticity of the website. To know whether SSL is enabled or not, look at the URL – it should start with https:// if it’s secure. Avoid logging into sites without the SSL connection.
Banking websites do employ SSL and if you notice that your bank suddenly doesn’t have the SSL, avoid logging in as it very well could be a mirror / cloned site shown to you for stealing information.
#6 Beware of Phishing Emails
These have become highly sophisticated that it’s difficult to tell them apart from authentic ones. Banks will NEVER email asking for sensitive information like password, ATM PIN, document verification and other security details over email. It’s a standard directive these days in banks customer care to announce that they don’t solicit any kind of customer sensitive information, over call or email or SMS.
My point is don’t trust emails from banks blindly, especially if it asks for information they aren’t supposed to ask. I use PayPal and Payoneer for global money transfer needs and I, like other users, keep getting phishing emails that look really ‘authentic’ to the actual communication template used by these companies.
Be very careful.
#7 Protect Your Mobile
Like you use security software on laptop, your smartphone needs security too, more so because of the business banking needs. Use a complete mobile security package. Set the smartphone so that it automatically locks itself after few seconds of inactivity. You can use Google’s Device Manager or Apple’s Find my Phone option to locate a lost device and delete sensitive data remotely.
#8 Prevent Bank Lockouts
It’s common. You go on a vacation, need to withdraw money from bank, you login and boom, you’re booted out from the account! This happens because when you try to login to the account from a different country, the bank servers’ lookup the IP address and it’s a red flag if it’s a foreign one.
You can use a VPN to access or notify the bank in advance of your travel plans so the account isn’t locked.
Endnote
Follow these eight ways and have a safer mobile banking experience.