As mentioned previously, I think using a PDA or smartphone to do your personal banking is inherently risky. But if you are compelled to use your Droid/iPhone/BlackBerry as a miniature teller, please take these basic precautions to protect your accounts, your money and your identity:
- Arrange your phone settings so the screen locks after a short period of inactivity.
- To wake your phone back up, don’t simply press a button. Secure it with a password, one that’s different than all your other passwords (ATM machine, email accounts, online bill paying accounts – every one needs a different password). I know. I know. It’s a real pain. But make no mistake, it’s important.
- Before you sign up for a mobile banking app, READ THE fine PRINT. Can you delete all banking-related messages, pictures and other data saved on the phone? Can you disable the feature that automatically signs you in to your online bank account the minute your phone is turned on? Once you’re connected to your account, will the app automatically disconnect after a certain period of inactivity? If your bank answers “No” to any of these questions, it’s time to find a new bank.
- If you participate in mobile banking, you’ll be receiving a number of sensitive messages from your bank and saving pictures of valid checks. Make sure your phone has an application to encrypt all stored data. Then, use it.
- Your photos of checks and other sensitive banking data may be stored on your phone’s memory expansion card. Even if the phone itself is secured with encryption, the card probably isn’t. You should set up the card to automatically encrypt data. Note that some older phones don’t have enough power to run encryption software. If you have a BlackBerry, learn how to secure it here. iPhone users click here.
- DON’T believe the hype. Cell phones DO get viruses. Protect yours by downloading antivirus software and enabling firewall protection. And make sure to update that software. Take note: Failing to update software is like being a member of a gym and not working out – looks good, sounds good but does nothing for you.
- Your bank will NEVER ask you to verify your personal and banking information by email. If you receive a message asking you to do so, it’s from an identity thief. Mark it as spam, and delete it. Next, delete all your cached content (sent messages, received messages, etc.) on a regular basis. Finally, check your browser security settings to help filter out phishing emails.
- Be equally skeptical about text messages. Before opening a text that appears to be from your bank, and especially before hitting “reply,” call your bank first to make sure the message is actually from them.
- With some phones, you can delete all the memory from remote if the phone is lost or stolen. Others lock up permanently after a certain number of failed login attempts.
Bottom line: If you plan to use mobile banking apps, I highly recommend making sure that your phone is protected by the best security available. That means taking some time to educate yourself on how to recognize malicious attacks and keep yourself safe while mobile banking.