Every year, millions of dollars are stolen from customers’ bank accounts by hackers, or due to the carelessness of customers. JPMorgan Chase systems were hacked and the names, addresses, phone numbers and e-mail addresses of 83 million account holders were reportedly exposed in one of the biggest data security breaches in history. Followings are the soft spots in m-banking, where one has to take due care:-
1. Illegitimate Software, Songs, Movies, Pirated Content
Avoid download illegitimate software, songs, movies etc from unauthorized websites. ‘Keybinder’, a software technology, inflicts malicious content on a file downloaded from unauthorized sites. Once Keybinder has lodged itself in mobile, it can be used to access your mobile banking details stored in your phone.
Solution: Banks do not store information on mobile phones. All bank-related information like debit card numbers or passwords are transmitted from the mobile to the bank in an encrypted manner.
2. MS Vulnerability
Spam messages are common these days such as those offering you a cruise ride in exotic places. Click on these, and you end up downloading malware, giving hackers direct access to personal banking information.
Solution: Banks have put in place tools that monitor spam mails. Lifehacker and google administrator are among the tools that can detect spam mails.
3. Settings and configurations of all other apps
When someone clicks ‘yes’ to pop-ups while downloading apps on mobile, it is likely that one may end up allowing someone to access mobile banking details.
Solution: Banks use apps that provide a score on operating system security updates and malware detection. The application either makes the decision to close the mobile app or passes on the score to back-end systems over a secure channel for investigations.
4. Using Wi-Fi
Through the use of free public or shared Wi-Fi, someone may unwittingly accept a malware application, which in turn will access information in the mobile.
Solution: Banks do not allow access to mobile banking if the request has come from a blacklisted IP address. Banks maintain a white list and black list of IP addresses and domain names to prevent apps from talking to other domains not specified on the white list.
5. Phone with no lock
If it is lost, it is a paradise for hackers, who can easily access your personal banking details with the bare minimum technologies.
Solution: Banks do not allow access to mobile banking unless the request has come from an SMS and voice-enabled mobile phone number. The bank follows a standard request format that is relatively safe.
6. Weak Password: Passwords with only letters is easy to break
Also, if you use the same password in all apps, your banking password can be obtained from other apps with the help of malware.
Solution: Mobile banking requires a six-digit password which is considered many times safer than using a four-digit password. The algorithm to hack a six-digit password is a lot more complex. Besides, the account gets locked after five attempts.