Mobile Banking Security Tips
The safety and security of your personal information is very important to us. We offer these tips to help you strengthen the security of your mobile device:
- Lock your Device.
Use the keypad lock or phone lock function on your mobile device so that when it is not in use, no one else can use it or view your information. Be sure to keep your device in a secure location when you are not using it to protect it from being stolen or used by an unauthorized party.
- Use your mobile phone’s security features.
Enable encryption and remote wipe capabilities if available. Consider using additional security software and antivirus solutions that may be available for your type of mobile phone. Refer to your phone’s user manual or contact your mobile provider for more information on these features.
- Do not follow links sent in suspicious email or text messages.
This action could lead you to websites that cause malicious code to be downloaded to your device. Never reveal account information or passwords in an email or text message claiming to be from the bank. The bank will never ask you for this information.
- Limit exposure of your mobile phone number.
Refrain if possible from posting your mobile phone number on a public website. Attackers can use software to collect mobile phone numbers from the web and then use those numbers to target attacks.
- Do not store sensitive or personal information on your mobile device.
If an unauthorized party accesses your mobile device, you will be more vulnerable if you store personal information such as passwords and account numbers on the device. It is a good idea to delete browser history, text messages and files from your device regularly.
- Use care when downloading apps.
Download mobile apps only from reputable sources such as your provider’s app store to avoid downloading applications with malware or malicious code.
- Disable interfaces that are not currently in use, such as Bluetooth, infrared, or Wi-Fi.
Attackers have been known to exploit weaknesses in software that use these interfaces.
- Set Bluetooth-enabled devices to non-discoverable.
When in discoverable mode, your Bluetooth-enabled devices are visible to other nearby devices which may include a cyber attacker’s device.
- Avoid joining unknown Wi-Fi networks and using public Wi-Fi hotspots.
Attackers can create fictitious Wi-Fi hotspots designed to attack mobile phones and may monitor public Wi-Fi networks for unsecured devices.
- Delete all information stored in a device prior to discarding it.
Check the website of the device’s manufacturer for information about securely deleting data. Your mobile phone provider may also have useful information on securely wiping your device.
- Be careful when using social networking applications.
These apps may reveal more personal information than intended, and to unintended parties. Be especially careful when using services that track your location.
- Do not “root” or “jailbreak” the device.
"Jailbreaking" is the process of removing the locked features or limitations imposed by the provider’s (i.e. Apple, Android, Blackberry) root operating system. Altering the firmware on a device may open it to security vulnerabilities and may prevent the device from receiving future operating system and security updates.
- Delete Text banking conversations.
Always be sure to delete text messages from the bank containing your account information. When using BSB Mobile, your account numbers are masked.
- Add the bank’s shortcode to your contacts.
Add the bank’s shortcode to your contacts so that text requests are initiated from there and not from past text conversations.
- Configure web accounts to use secure connections.
Accounts for certain websites can be configured to use secure, encrypted connections (look for “HTTPS” or “SSL” in account options pages). Enabling this feature deters attackers from eavesdropping on web sessions. When you visit the bank’s mobile banking site, the connection is secure and encrypted.
If Your Mobile Phone is Lost or Stolen
- Remove the device from mobile banking access.
If your mobile phone is lost or stolen, you can disable or remove access to the device from the ‘Manage Mobile Banking Settings’ link in online banking. You may also contact the bank at 800.356.8622 during normal banking hours and speak with a customer service representative.
- Report the loss to your organization and/or mobile service provider.
If your mobile phone was issued by an organization/employer or is used to access private data, notify your organization/employer of the loss immediately.
- Report the loss or theft to local authorities.
Depending on the situation, it may be appropriate to notify relevant staff and/or local police. Keep a record of your mobile phone’s make, model, phone number and serial number. It may be needed by your phone carrier or law enforcement if the phone is lost or stolen.
- Change account credentials.
If you use your phone to access any remote resources, such as corporate networks or social networking sites, revoke all credentials that were stored on the lost device. This may involve contacting your IT department to revoke issued certificates or logging onto websites to change your passwords.
- If necessary, wipe the phone.
Some mobile service providers offer remote wiping, which allows you or your provider to remotely delete all data on the phone.