Security of Mobile Banking Mobile banking is increasing at a pretty astounding rate – in fact, mobile check deposits have grown by 5 times since 2011. With over half of all internet users being mostly or entirely mobile, this number is only likely to get bigger. But accompanying this trend are growing concerns over the security of mobile banking apps. The last few years have seen some pretty high profile hacks of supposedly secure companies (i.e. Target and Safeway). With over 50 million people banking via mobile apps, it’s a point that must be addressed. Recently we wrote an article on building your own mobile banking app, where we touched upon the security of mobile banking apps. It generated a lot of interest, so we thought we’d cover security more specifically – how secure are mobile banking apps, really? Online vs Mobile vs Traditional There is a general consensus among most consumers that online banking is safer than mobile banking and traditional (ATM/Teller) is safer than either. But is this true? Turns out, not quite. Traditional vs Mobile Traditional banking is seen as extremely secure, but is it? As we’ve seen with the aforementioned hacks of high profile retailers, capturing someone’s card information (including their pin) is not as difficult as we would think. Even without a pin, many debit cards function as a credit card as well – no pin required. This puts your entire financial situation at risk Unlike traditional card methods, mobile apps use a tokenization process which protects your account with a random, single-use code. Your banking information is never put at risk, helping to mitigate the so-called Man In the Middle Attacks. Other key security features of mobile phones also come into play: When you use a device in a banking or financial transaction, your geolocation can be used to confirm the purchase – did the transaction occur near you, or clear across the world? Transactions and bank accounts can be monitored in real time – plus consumers and bankers can communicate near-instantaneously over text messaging. Over 90% of US smartphone users report that their phone is on them all day – like 24 hours all day. When was the last time you kept track of your card with the same level of intensity? Mobile vs PC Alright, but what about that desktop? As elucidated earlier, the desktop is on its way out, but it’s not gone yet. So – is it more secure? Yes and no – let’s dive a little deeper. While mobile phones can have nearly the same level of security as a desktop, most people don’t bother to even install basic anti-malware on their smartphone. PCs, on the other hand, tend to be more protected and the defensive mechanisms are much more robust and tested than the mobile app options. That being said, PC transactions are more robust because they’ve had to be – hackers simply target them more often. This is a bit of the same conundrum with PCs and Macs – Macs are known for having fewer issues with security. Apple would have you believe that’s because they simply have a better code; in reality, it’s because fewer people use Macs, so fewer hackers will target Mac users. The same goes for mobile banking – it’s targeted less because fewer people use their phone for banking, and transactions over smartphones are typical of less value. While this will change as mobile banking becomes more popular, app entrepreneurs have an opportunity here: to make an extremely robust banking app, beyond what the competition is doing. Malicious apps represent a real issue with mobile banking. Over 650,000 apps on Android are designed to hack your mobile phone – and an equal number of apps in the App Store are designed for the same purpose. Most people will download any old app without checking where it comes from and without verifying that it isn’t a malicious piece of code. These apps can capture all sorts of information: banking, texting, credit cards – basically anything and everything you do on your phone. It represents a pretty big security issue with mobile banking. An app of this sort “jailbreaks” your phone and allows the app owner to infect your entire life. Even worse, banking apps are notoriously bad at protecting against this type of app. There are ways around it; for instance, all information must be stored in a secure, encrypted database. Additionally, a good banking app will protect a client’s information by encrypting it from client-side to the bank’s side. That way even information stored on a phone will be encrypted form phishing apps. Yes, there are some issues with mobile banking security. That being said, features like tokenization, increased phone security, improved app coding, constant monitoring/communication, and increased antiviral and malware apps will result in banking that is more secure than we’ve ever seen it. More importantly, it provides an opportunity – the world is in desperate need of a mobile banking app that is locked up tighter than a drum. The technology to build a secure mobile app exists – our developers have been leveraging security tactics on websites and mobile apps for over 20 years. We have the expertise, knowledge, and the technical skills to make a banking app more secure than Fort Knox. All you need to do is pick up your phone and call us at 408.802.2885 or email us today to get 25% off your mobile banking app!