Mobile-Phone Banking: Convenient and Safe?
With the introduction of an iPhone app that lets you deposit a check by taking a picture of it, options for mobile banking are growing rapidly. And though you might think the boost in convenience comes at the expense of security, banking on your cell phone can actually be safer than using your PC if you take basic precautions.
You have three options for mobile banking: downloading a dedicated program for your cell phone, using your phone's browser to access a mobile version of your bank's site, or simply sending an SMS message.
Downloadable apps vary, but an iPhone app from USAA is at the cutting edge of innovation. Qualified USAA customers (limited to credit-approved military personnel) can use it to make deposits by taking a picture of a paper check, which they then void and toss.
But while the USAA app allows for sending money to a predefined payee, it doesn't let you create a new payee (though you can do so on the USAA Web site). It's a common restriction among downloadable apps, intended to prevent someone else from picking up your phone and sending themselves your money.
Accessing online banking via a phone's browser generally offers all the same options as accessing the site from a PC. But downloadable apps and mobile sites both typically require logging in with the same user name and password you'd use on your PC. They also use encryption for communications to and from the bank.
SMS messages are the least secure method of banking, as SMS doesn't normally allow for encryption. This option is also the most limited. Wells Fargo's SMS service, for example, allows only for low-risk activities such as checking your current balance or finding an ATM.
The Myth of Mobile Insecurity
Using any of these options on something you carry in your pocket--and might easily lose--may seem inherently insecure. Truth be told, any cell phone option is largely safe from malware, one of the biggest threats to online banking. The variety of mobile operating systems and other factors mean that, for the time being, there's no real risk of leaving your phone open to password-stealing baddies or malware. Largely for that reason, Tom Wills, a senior analyst for Javelin Strategy and Research, says that mobile banking can be safer than using online banking on a PC--as long as you've enabled the phone's available security features. Because your phone might someday end up in the backseat of a taxi without you, mobile precautions go beyond the ones you'd use on a PC.
How to Practice Safe Mobile Banking
Using a PIN or a password to lock your phone is the first option, and it's a no-brainer--just knowing which bank you use can help a potential ID thief. Next are remote-wipe options that let you clear the contents of your phone if you should ever lose it. Wills says some banks offer the feature for their downloadable apps. You can remote-wipe BlackBerrys and iPhones (if you pay for the MobileMe service), too, and some programs such as Kaspersky Mobile Security offer the feature for phones running Symbian OS or Windows Mobile. And SMS messages, the least-secure option, can themselves provide some security support if you tell your bank to send you a text after large or potentially suspicious transactions (usually you can set up such alerts via online banking).
Considering how much personal info most people keep in their e-mail accounts, losing your phone can be a security risk even if you don't use mobile banking. But the combination of power-on passwords and mobile safeguards from the banks can make cell phone banking just as safe as it is convenient.