United States

Trouble on the go - educating bank customers about mobile security threats


With the transition from in-person banking to online banking to mobile banking, banks are faced with the increasing and evolving challenge of how to keep their customers abreast of security threats. That means not only evaluating which channels to use to communicate with customers now that the paper statement inserts are largely a thing of the past, but also deciding which security threats to focus on.

For mobile banking customers, targeting threats is especially important, as banking with smartphones is new behavior for most. Many often don't understand the new risks mobility exposes them to. With that in mind, the following are five threats banks should bring to the attention of their customers.

Free WiFi often isn't
Smartphones, tablets and other mobile devices are almost always wired to look for a WiFi signal whenever they can find one. As free WiFi hotspots proliferate at everywhere from coffee shops to restaurants to your favorite store, mobile users can lose sight of the fact that security on many of these public access networks is inherently weak. These vulnerabilities can make it easier for someone else to scan your system when you are online in these locations.

In some cases, free WiFi can actually be malicious and be set up specifically to give unauthorized users access to attack your device. Mobile users should think carefully about what they choose to do on a public network. Do you want to just scan the latest news? That's probably fine. However, if you're going to enter a password that would give a hacker access to personal or sensitive data, it's best to wait until you are home or on another secure network.

Be careful with QR codes
QR codes are a hot marketing tactic. Mobile users are encouraged to scan a QR code on everything from billboards to real estate listings. However, some QR codes are set up specifically to attack your device. Think of the phishing scams most email users are already aware of; they are designed to get email users to drop their guard and click on a malicious link. Every time you scan a QR code, you're, in essence, clicking a link. So be sure you trust the code's source before you scan.

Activate auto-locate features
Smartphones are among the most commonly stolen consumer goods today. And, if you haven't lost your smartphone, you probably know someone who has. Many smartphones have features that allow you to locate or track a lost or stolen device, features that also have helped law enforcement recover many phones and arrest their thieves. However, many users don't bother to set up these features.

Consider the volume of sensitive data someone might be able to access if they got their hands on your device. When including the hassle of setting up contacts and all your other preferences if you had to replace your device, the advantages of activating your auto-find features becomes clear. What's more, there are also apps that can allow you to remotely reset a phone to its original factory settings, wiping out all your personal information.

Put a PIN on your opening screen
Mobile devices usually give you the option of setting up a PIN at the opening screen, yet many users don't bother. This initial security step may be enough to frustrate a thief or hacker. Use at least six digits and make sure that you aren't using the same PIN that also accesses your email, banking apps or other secure information. Each PIN should be unique.

Be careful with apps
Apps are great, but sometimes they're malicious. Consider apps that let users turn their smartphone into a flashlight. While such apps are often free, many come with tons of pop-up and banner ads, which can make them more annoying than they are worth. More malicious apps can be designed to mine your phone for data.

Think carefully before allowing an app to track your location. For some apps, perhaps from the drug store chain you use, enabling it to track your location could be helpful as it will allow the app to guide you to the nearest retail facility. But why would you allow a flashlight app to track your location? Think of all the data you are giving away—the app developer will be able to figure out your time zone, local phone exchange and area code, possibly even your home address.

These are just a few of the new threats of using mobile devices. By educating customers on how to keep their devices more secure, banks can help mitigate threats to their mobile banking customers.

How can we help you?

Contact us by phone 800.274.3978 or
submit your questions, comments, or proposal requests.

Rapid Assessment®

Complete our Rapid Assessment form to be contacted about receiving our "quick-hit" diagnostic of your critical areas of operations.