Already, an estimated 30 million customers are banking by smartphone, mostly those in the under 30 set. However, the number is expected to double in two years. It means phones may be targeted by hackers and consumers need to be on guard.
Whether she's shopping, buying a latte, or considering an expensive meal out, Francesca Leonard consults her smartphone first. "I have fluctuating bank accounts all the time," she says. "I want to be able to know how much I have before I go into a purchase."
The mobile banking app on her smartphone shows her exactly how much she can spend, right on the spot, and she's come to depend on it.
"Yeah, because I don't ever overdraw," says Leonard. "I know exactly what is in my account at all times."
She makes deposits, receives her paychecks and even takes pictures of her check deposits. And like many in the under 30 set, Leonard doesn't worry about somebody stealing information off her phone.
"Well, the reality today is the biggest risk to you is to lose your phone," says Symantec mobile security expert Kevin Haley. He says banking on your phone is about as safe as banking on your home computer, with one major difference. "It's very hard to lose your desktop computer, but it's very easy to lose your phone."
Haley says thousands of phones are lost and stolen every year, and finders tend to want to fish around for the stored data. So protect yours with a password that locks the phone if you lose it. He also says consumers should be wary about downloading apps. Hackers who target personal computers will soon be trying to get into your mobile phones, too.
"As we begin to use cellular phones for financial transactions undoubtedly, they will be looking for ways to insert themselves into that and get a piece of it," he says.
Doug Johnson, risk manager for the American Bankers Association, says customers should download apps only from well-known marketplaces, like the Apple store. Phony apps are already being used to install malware and control cellphones. However, he says banks are protecting your transactions, too; for one thing, banks must encrypt all transmitted data. Also, bank apps typically require customers to know a username and password and answer a security question.
"They do your password, plus your dog's name or what street you live on," Leonard says.
Here's a few measures customers can take to protect mobile transactions:
- Always download your bank app directly from the bank to ensure it's authentic.
- Never set your banking app to auto-populate your username and password, in case the phone is lost or stolen.
- Never make a transaction over a public WiFi network where spies could intercept your data.
Leonard says she hadn't thought of any of the risks. "Yeah, you know, I think I was being lazy and not putting the password on my phone and it just takes a few seconds."
If you bank on your smartphone, ask what security measures they include. It should include a password, security questions, and provide automatic alerts if there's unusual account activity.