More than half of American adults have a smartphone today, and more of us are using them to check balances, pay bills, deposit checks and conduct other banking business.
A March report from the Federal Reserve found that slightly more than a quarter of cell-phone owners and nearly half of smartphone owners use their devices for banking, and that number is only expected to grow. Mobile banking can be a great time-saver, but it also presents the risk that you could have sensitive account data — and by extension, your money — stolen if you’re not careful.
“Remember, your smartphone is much more than a communication device,” says Adam Levin, chairman of Credit.com. “It is a data-collection and storage device. It deserves the same respect as your computer because it is a mini-computer.”
Luckily, experts say there are steps that even non-technophiles can easily take to safeguard sensitive information.
Password-protect your phone
“Mobile devices are lost or stolen often, but roughly only 30% of people lock their phones,” says Jason Malo, a CEB TowerGroup analyst. A simple four-digit password is the bare minimum, he says; many security experts advise an eight-digit password. And wipe down your phone; yeah, it’s gross, but a thief isn’t going to have any qualms about checking out the grime pattern to see where you’ve tapped or swiped.
Stay off public wi-fi networks
This is the same advice you’d get if you were using a laptop. Sending sensitive information over an open wi-fi signal is an invitation to get that data stolen. “If you have to check your bank balance away from home or work, turn off wi-fi and use your 4G or 3G connection instead,” says Joshua Wright, a senior instructor with the SANS Institute, which provides Internet-security training.
Use the bank’s app
“Not only does this provide more capability, such as access to the camera and other peripherals, but since native apps can’t talk to each other, other programs can’t steal information or hijack their processes,” Malo says. If you use your phone’s browser to go to your bank’s website and log in from there, your log-in credentials are more vulnerable to being stolen if someone breaks into your phone.
And make sure the app you download is the real McCoy, says Al Pascual, a senior analyst of security, risk and fraud at Javelin Strategy & Research. “Apple, BlackBerry, Google and Microsoft vet the apps that are available for download through their official app stores, whereas apps from alternate sources may not be verified and could harbor malware,” he says.
Don’t save your log-in data
“If you have the option, don’t save your bank password in the smartphone app. Re-enter your banking password each time you need to conduct a transaction,” Wright says. Yep, it’s a pain in the neck to have to re-enter it every time, but saving your password is like leaving the key to your front door in the lock when you leave the house.
(MORE: Why Banks Love Debit Cards Again)
Keep up with updates
Regularly check your phone’s settings tool for platform updates. “Smartphone vendors will regularly fix security flaws with updated software, which can save your device from being hacked,” Wright says.
Also make sure to install updates to your bank’s app and any third-party security software you have on your phone for the same reason. “Software providers are constantly updating their code for more services, capability and security,” Malo says.
Log off when you’re done
Most bank apps will log you off automatically after a period of inactivity, but it’s smart to manually log yourself out after you’re done, Levin says. “Never stay permanently logged in. This could leave you vulnerable if your phone is lost or stolen and not properly secured.”