Mobile Banking App

More than half of all e-banking trans­ac­tions are car­ried out via a smart­phone or tablet. Usu­ally, a spe­cific app pro­vided by the  finan­cial insti­tu­tion is used for this pur­pose. Mobile banking offers many advan­tages, but also holds quite a few risks.

This is how you use your mobile banking app in a secure manner:

  • Pro­tect your mobile device with our “5 steps for your dig­ital secu­rity”. Only a clean and secure device will ensure mobile banking is secure.
  • Only ever install your mobile banking app and all your other apps from the offi­cial store.
  • Only ever install apps you actu­ally need, and de-install any apps you don’t need (any longer).
  • Restrict access rights for each respec­tive app to the absolute min­imum.
  • Only con­nect your device to trust­worthy net­works when on the go.
  • Imme­diate lock your device in case of loss, and reset it prop­erly before selling or dis­posing of it.

Risks and advan­tages of mobile banking apps

Smart­phones and tablets are (small) com­puters and there­fore prone to sim­ilar risks as classic com­puters: Data loss or theft, mal­ware infec­tion, unau­tho­rised access, etc. There are addi­tional risks of mobile use such as loss or theft, too.

On the other hand, there are advan­tages such as mobility and reduced space require­ments. When using a mobile banking app, there is another deci­sive advan­tage: Unlike with classic e-banking using a browser, cus­tomers receive a ready-made bit of soft­ware which is specif­i­cally adapted to elec­tronic banking by their finan­cial insti­tu­tion and is thus effec­tively secured.

This relieves secu­rity-con­scious users of such onerous tasks as manual entry of the bank’s address in their browser, and the need to check whether a con­nec­tion is secure, since unlike browsers, banking apps take care of such tasks auto­mat­i­cally and in the back­ground. This min­imises the risk of typ­ical appli­ca­tion errors, such as typing mis­takes and phishing - always pro­vided users observe some basic rules.

Using mobile banking apps securely

Estab­lish a basic level of pro­tec­tion

The first step is to min­imise those gen­eral risks the use of a mobile device poses. You should there­fore follow our “5 steps for your dig­ital secu­rity” for your mobile devices, too. In par­tic­ular, you should make sure that you have switched on your auto­matic screen lock using a code, pass­word, fin­ger­print or face recog­ni­tion fea­ture.

The need to remain alert is par­tic­u­larly vital with smart­phones and tablets: Never leave your device unat­tended. Make sure that you don’t let anyone else know your log-in infor­ma­tion such as PIN, TAN and pass­words, always con­ceal them when log­ging in, and ensure that no-one looks over your shoulder while you do so.  Always be wary of opening e-mails, attach­ments, Mes­senger noti­fi­ca­tions (for instance What­sApp) and MSS. What­sApp and MMS can be abused for spreading mal­ware, too. Don’t click on any unknown links, and imme­di­ately delete any mes­sages by unknown senders. Before calling anyone back, please check out any unfa­miliar num­bers.

Check app ori­gins

Only install apps you actu­ally need, and ensure that they orig­i­nate from rep­utable sources, i.e. directly from an offi­cial store (e. g. Apple App Store or Google Play Store).

Remain wary towards apps with a low rep­u­ta­tion or with rec­om­men­da­tions by per­sons unknown. If you have never heard of the provider, find out more about them before installing any app.

You should also check peri­od­i­cally which of your apps you are actu­ally still using. De-install any obso­lete apps and those you no longer need - every addi­tional app is an inherent vul­ner­a­bility.

Notify your finan­cial insti­tu­tion imme­di­ately in case of error mes­sages and unusual events.

Restrict access rights

Many mobile apps grant them­selves exten­sive access rights with no apparent jus­ti­fi­ca­tion. It is for instance not nec­es­sary for any old app to access data such as loca­tion, address book or tele­phone status. You should there­fore crit­i­cally check whether an app actu­ally needs these access rights to func­tion, and deac­ti­vate any rights not required if pos­sible.

Check net­work provider

Your smart­phone or tablet can estab­lish a con­nec­tion to your finan­cial insti­tu­tion in sev­eral ways. On the go, your device will con­nect with var­ious net­works. If you use a WiFi con­nec­tion, you should ensure it offers con­fi­den­tiality: Dubious providers of “free” WiFi net­works can refer your banking app to the wrong server and cap­ture any access data you enter.

With Android devices, you can set up an addi­tional fire­wall app to mon­itor and secure active con­nec­tions. With iOS devices (iPhone/iPad), this is nei­ther pos­sible nor nec­es­sary.

Handle loss, sale or dis­posal cor­rectly

If your smart­phone or tablet ends up in the wrong hands, data or access data stored there might just be cap­tured and abused.

With the help of var­ious apps, lost or stolen mobile devices can be locked remotely. This will ensure your per­sonal data on your device are erased and can no longer be retrieved. Once you have locked your device, you should also have your SIM card provider lock the card.

If you don’t want your stored data to end up in the wrong hands when selling or dis­posing of your device, you should remember that data traces can remain if you haven’t securely erased all data storage media before­hand. How to do so is for instance described on the Apple web­site and on SRF. As long as you no longer wish to use it, you should of course also remove the SIM card and destroy it.

The term “mobile banking”  denotes the pro­cessing of banking trans­ac­tions via mobile devices, such as a smart­phone or tablet.

Next to the option to access your e-banking facility via your browser, spe­cific apps are also increas­ingly used for this pur­pose.

 

Info sheet: Down­load (PDF)

What else would you like to learn about security when e-banking?

Reg­ister for a course now
and learn more:

Basic courses

This basic course will point out cur­rent threats on the Internet and con­veys mea­sures as to how you can pro­tect your­self by taking some simple mea­sures.

fur­ther infor­ma­tion

Prac­tical courses

Learn and prac­tice the most impor­tant mea­sures for your com­puter and e-banking secu­rity on com­puters pro­vided by us.

fur­ther infor­ma­tion

Send this to a friend