(Newswire.net — April 25, 2019) — Over half of all e-banking transactions today are handled by smartphone or tablet. Banking software development services like mobile banking have many advantages, but a few basic rules should be followed for security. Because the ability to always and everywhere have the devices with them and constantly connect them to the Internet, holds additional potential for danger.
1. Install only necessary apps and only from official store
Only install really necessary apps (programs) and make sure that they come from a reputable source, ie from the official store (eg Apple App Store or Google Play Store).
Be wary of low-reputation apps or recommendations from strangers. Before installing an app, find out if the provider is unknown to you.
From time to time, check which apps you’re using at all and uninstall outdated and no longer needed apps – every additional app is a potential security hole.
If available, use the official e-banking app of your financial institution instead of the web-based solution via a browser.
2. Restrict access rights
Many apps give themselves full rights for no apparent reason. Access to, for example, location data, address book or phone status is not required for every app. Therefore, check critically whether the access rights to fulfill the functionality are really necessary and, if possible, deactivate any unused rights.
In principle, you should be very cautious about sharing your location information: Avoid localization services and do not store location information in photos you upload to the Internet. Thieves and hackers could take advantage of this information.
3. Secure mobile device against unauthorized access
Loss and theft are far greater risks with mobile devices than with the home PC. Make sure your device’s existing security settings are turned on. Always activate the screen lock by means of code, password, and fingerprint or face recognition. You should also encrypt the data on your mobile device. This makes it impossible for unauthorized persons to access your data and apps via the USB connection cable.
iPhone / iPad : Under Settings / User / Password & Security you can protect the device with a numeric code or password. Under Settings / Touch ID & Codes you can store fingerprints and thus protect your device. With the iPhone X the face recognition can be configured under Settings / Face ID & Code. The data is automatically stored encrypted on the iPhone or iPad.
Android: Depending on the device, you can set the code lock under Settings / Security. Under Encryption & Credentials, enable Encryption of your data.
4. Do not store sensitive data on the device or in the cloud
Never store access data such as PIN, TAN and passwords on your mobile device. Unfortunately, a device protected under Rule 3 does not guarantee 100% protection against hackers. Therefore, disable the automatic storage of passwords in the browser and in the store as well as their backup in the cloud. An automatic cloud backup is convenient, but should not include sensitive information. However, you should regularly back up other data such as photos via PC / Mac or cloud service in order not to lose them in the event of device loss or malware infection.
5. Allow only necessary and trusted connections
Your smartphone or tablet can connect to your financial institution or other device in a variety of ways: WiFi, Wi-Fi , NFC, Bluetooth , Infrared, 3G / 4G / 5G, USB, etc. Disable any unnecessary connection types during your e-banking session, Turn off the GPS function as well. Use WPA2 or WPA3 encryption in the WLAN. Deactivate the setting “Automatic call acceptance” as this could be misused for an unnoticed connection.
For USB: Connect your mobile device only to trusted computers, because even in this way malware can be transmitted. Also, do not accept a connection request if it is unclear which device you want to contact.
For Android devices, you can also set up a firewall app to monitor and secure the active connections.
6. Keep the device up-to-date and clean
Install available updates for the operating system and all installed apps as soon as possible. Activate the automatic update function. Important: Updates can also be used to change or extend access rights (see Rule 2). Install an antivirus app on your Android device (not required on iPhone and iPad). Do not jailbreak your iOS device.
7. Use two-factor authentication
All e-banking applications today use two different security elements. Be aware of mobile banking in conjunction with the mTAN or PhotoTAN method: the security advantage that results from using two independent communication channels is missing! In this case, use a special device for this purpose only (eg old smartphone or a dedicated TAN device provided by your bank).
8. Be vigilant
Do not leave your device out of sight. Make sure that you do not tell anyone about your access data such as PIN, TAN and passwords, and that nobody is looking over your shoulder. Be careful when opening emails, attachments, messenger messages (eg WhatsApp) as well as MMS. Malware can also be distributed via MMS and WhatsApp. Do not click any unknown links and delete messages from unknown senders immediately. Check unknown numbers before the callback.
9. Lock immediately if lost
Lost or stolen devices can be locked remotely using various apps. This will erase your personal information on the device and stop calling it. But beware: Such commands can also be used by malicious third parties. Pay attention to a trustworthy provider. After the device has been locked, you should also have the SIM card blocked by your provider.
10. Reset before sale or disposal
If you do not want your stored data to fall into the wrong hands when you sell or dispose of your device, keep in mind that data traces may remain unless all data stores have been securely deleted.