5 Security Tips for Banking by Smartphone

When you download a banking application to your smartphone, don't be fooled into thinking it's one and done. You'll need to check for updates on a regular basis -- and then download those, too. If you aren't performing these updates, your banking information may become vulnerable to hackers who prey on software weaknesses [source: Schwartz]. Just make sure you're downloading your bank's official app by getting it straight from your bank's Web site instead of an app store. Check the Web address to make sure it's your bank's official site and not a wolf-in-sheep's-clothing site that could compromise your account numbers or passwords. It's also a good idea to steer clear of "everybank" apps that promise to connect you with multiple banks because there's no guarantee your data won't be stolen by the app's creators -- who aren't bound by the same federal data restrictions as financial institutions.

For added security, use your banking app to sign up for account alerts. Many banks and credit cards will send you a text or email when there's activity on your account [source: Rosencrance]. You'll know, almost immediately, if a fraudulent charge or withdrawal is made.

The general security tips you follow online, like creating a strong password, should be followed when banking with your smartphone, too. The most infallible passwords should have eight or more characters, and include a combination of numbers, letters, punctuation marks and symbols that are located all over the keyboard [source: Microsoft]. If your smartphone has a prompt that offers to remember your password, refuse the convenience. It's better to manually enter the password each time than to risk storing it -- and offering one-click access to your financial accounts if your smartphone falls into the wrong hands.

You should password-protect your smartphone, too. Most smartphones, regardless of which operating system they use, have a screen lock option that prevents others from using your smartphone without your permission. Although screen lock setup varies, you can usually activate this security measure from your phone's settings menu and select your own PIN or code [source: Dachis].

Banking apps and Web sites incorporate security precautions to protect users' data, but there are two things you can do to safeguard your accounts, too: Don't connect to your account using public WiFi and don't text sensitive information to your bank.

Most smartphones connect to the Internet using either a wireless Internet connection or a mobile provider network, which is the most secure option. The problem with free WiFi is that imposters create look-alike WiFi networks and when you connect to them, your financial data can be intercepted [source: Saltzman]. Your best bet is to connect using your smartphone's 3G or 4G network or your password-protected home network, which are much more difficult for the bad guys to intercept data from.

You'll also want to steer clear of sending text messages to your bank about your account because text transmissions don't travel over a secure network. If your bank, credit union or credit card sends you a text -- even if it doesn't contain sensitive information -- don't store it in your phone [source: Rosencrance]. Keeping the information only gives more ammunition to would-be thieves if your phone is lost or stolen.

Don't want sticky fingers to come between your smartphone and your bank account? Your first line of defense is treat your smartphone as you would a wallet. When you're in public, don't store your smartphone in the exterior pocket of a bag or purse where it can easily get snatched. Don't set it on a tabletop when you dine or plunk it down on the bar when you belly up. And, if you're walking down a busy sidewalk, don't hold it loosely in your hand where someone could just come up and grab it [source: Rose].

You can help ensure that a missing smartphone is an inconvenience instead of a crisis by making a preemptive move. If you have an iPhone, install the Find My iPhone app, which can locate lost or stolen devices via GPS and clean out your personal information -- learn more about that part of the equation on the next page. If you have an Android-based smartphone, apps like WaveSecure offer similar services.

Although we haven't yet discovered an app that will cause a smartphone to self-destruct like a secret spy missive in a James Bond movie, we can share the next best thing: Data wipe apps that can be activated remotely.

A remote wipe app will reset your smartphone to its original factory settings, erasing your personal data -- like your contacts, emails or banking information. There are a variety of data wipe apps, including the Mobile Defense app for Android smartphones. The date wipe process is a little more complex for iPhone users; it requires a MobileMe account, a Find My iPhone app and the activation of push notifications [source: Dachis].

The good news is that, even with its inherent security risks, banking by smartphone may actually make it easier to safeguard your financial information than managing your money on paper. Thieves are more likely to access your account data by snatching bank statements from your mailbox than by digitally eavesdropping on your smartphone or computer [source: Huddleston].