Mobile apps aren't entirely risk free
There has also been an evolution in the breadth and depth of mobile application security solutions, such as mobile application integrity protection, said Kevin Morgan, chief technology officer of application-security provider Arxan Technologies in Bethesda, Md.
"Mobile app integrity products are now more sophisticated and provide greater facilities for hiding critical information," Morgan said.
Still, there are many opportunities for a cybercriminal to interrupt online-banking communications.
"The general threat to all mobile financial services is that critical business and security information for the transaction can be analyzed, tampered with, circumvented and even stolen," Morgan said.
"This can occur when you are running a tampered version of the original vendor application," he added. "You may have picked up a tampered version that was posing in an app store as a legitimate version.
"When you plugged into a public charger at the airport, your legitimate application may have been replaced," Morgan explained. "Or your legitimate application on your device may have been replaced or tampered with internally on your mobile device by another rogue application that you previously loaded and ran."
Best practices for mobile online banking
If you think your mobile device is secure enough for financial transactions, your best bet is to follow these tips to make sure your finances remain safe:
— Install apps only from trusted sources, and don't modify security settings on your devices.
— Disable the ability to set up new automatic bank payments online, if possible. Instead, set it up so that you have to go to the bank in person to create these types of transfers.
"If you sign up for a new credit card or get a new mortgage, you should have to go to your bank to add that creditor to your account," said Calvert.
"By having the ability to set up new creditors from your online account," he said, "you create the risk of a hacker using malware to access your account, then adding payments to another financial institution and emptying your account."
— Don't send personal information via SMS text message, and don't respond to texts that seem to come from your financial institution, Hughes said.
Text messages are not encrypted, so banks won't ask for personal information via SMS. If you transmit sensitive financial information on your mobile phone, be sure you are using a secure browser or app.
— If you are considering a mobile finance app, look for one that lets you remotely wipe the data from your cellphone if you lose it.
— Change your mobile-banking password frequently.
- 7 Ways to Lock Down Your Online Privacy
- How to Keep Your Smartphone or Tablet Secure
- 10 Best Mobile Security Software Products