Your mobile banking app may help you avoid overdrawing your current account or spending too much money. But if youâre unsure of how secure it is, youâre not alone.
Reports suggest that many people still have security-related concerns when using digital banking channels. Among mobile banking users, thatâs the case for 67 percent of younger millennials, 58 percent of older millennials, 57 percent of Generation Xers and 63 percent of baby boomers, according to a recent study.
âOur recent mobile banking study confirmed that security, especially the fear of fraud, is a top online and mobile banking concern among consumers of all generations,â said Jenifer Valdivia, global marketing program manager at Jumio. âWhen it comes to online or mobile banking, consumers will not understand the technology their bank is using but need to feel confident that behind the easy user experience their financial data is protected.â
Sceptical consumers may be on to something. When it comes to security, all mobile banking apps arenât created equal, says Ryan Zlockie, global vice president of authentication at Entrust Datacard.
Ariel Sanchez, a security consultant at IOActive, has assessed the security risks associated with iOS mobile banking apps twice since 2013. He notes that quite a few apps were susceptible to attacks and a large number of them stored insecure data. His colleague found that mobile trading apps tend to be even less secure.
Other analyses have found similar results. In late 2016, Accenture and mobile app security company NowSecure assessed the vulnerability of 30 mobile banking apps. Every app had at least one security issue.
Making a mobile banking app secure, of course, is a complex endeavour.
âThose apps have to do a lot of really sophisticated things in terms of working on your device and then communicating it over the air to connect back to the servers and the data centres for the banks,â says Brian Reed, chief marketing officer at NowSecure. âBecause thatâs all so complicated â and more complicated than a simple website â thereâs lots of opportunities for things to break.â
Since his companyâs study was published, however, Reed says banks have made progress.
âWeâre seeing an improvement,â he says. âMy business is growing dramatically with the banks, so that would be an indicator that theyâre taking it even more serious.â
Whether youâre on team iPhone or team Android may also determine how secure your mobile banking experience is.
Among banking apps running on Android, NowSecure and Accenture found that 10 percent had medium-level security issues and 2 percent had high-level security issues. None of the banks running on Appleâs operating system had high-level issues, and 4 percent had medium-level security problems.
âYou tend to find sloppier code and more mistakes and more vulnerabilities on the Android platform because itâs just more like the wild west,â Reed says. âItâs easier to do bad things on Android than it is on iOS and thatâs what we find in the market in general.â
Some experts suggest that banking through a mobile device is safer than banking online. Others may disagree.
âI could put 10 security people in the room and half of them will say thatâs true and half of them will say thatâs false, but part of it is mincing words about you define security,â Reed says.
Some banks that have multi-factor authentication on their mobile apps donât provide the same capability on their websites, Reed says. Well-designed mobile apps donât store any data, and youâre less likely to hear about a virus on a smartphone.
âMobile phones have more security natively,â says Zlockie from Entrust Datacard. âThe apps are more protected than the open website experience.â
Unfortunately, thereâs no easy way to tell how secure your mobile banking app is. So youâll have to decide whether youâre comfortable using your bankâs digital channels to manage your savings account or see how much interest youâve earned on a ISA.
âIf you trust them to do web banking, you should feel fine trusting them doing mobile banking,â Reed says.
Of course, secure mobile banking apps have certain things in common. In addition to multi-factor authentication, technologically advanced banks may capture a digital footprint of your phone that prevents another device from being used to get into your account, Reed says.
If youâre curious about how your bank keeps your data secure, ask for a security report or additional information, says Sanchez from IOActive. Choosing a bigger bank could also work in your favour.
âThe smaller credit agencies, the regional banks, they donât necessarily have big and sophisticated security and mobile development teams, so they may or may not be as strong as some of the bigger banks,â Reed says.
Even if your financial institution is doing as much as it can to make mobile banking safe, you must do your part to protect yourself. Never log into your mobile banking app over public WiFi. And keep your phoneâs operating system and apps updated to avoid being exposed to security problems that a bank has fixed, Sanchez says.