74% of Consumers Concerned about Security when Making Mobile Payments

October 4, 2011

New research by the Ponemon Institute paints a sobering picture of consumer concerns when conducting transactions via a mobile device.  In addition to the 74% who are concerned about their online security when making mobile payments, 72% were worried about becoming the victim of online fraud.

Other findings:

  • Of those polled, 29% said they used their phones to engage in mobile banking, while 67% believe they are either completely or partially protected when engaged in mobile banking.
  • 51% use mobile transactions for the convenience it offers, and 25% do so because they believe it provides increased security.

The research concludes that consumers attitude regarding their security in online transactions more to do with how active they are online – the more frequently they make online transactions the safer they feel when doing so. Yet the researchers admonish companies that they are not off the hook; noting that the best way to increase consumer confidence is to increase company spending and oversight on providing rigorous security.

6 things you can do to be safer when transacting online:

  1. Secure your computers and smartphones with anti-virus, anti-spyware, and tools.
    Keep them current and use them unfailingly-as automatically as locking your door when you leave the house. A computer that does not have security software installed and up-to-date will become infected with malicious software in an average of four minutes. That malicious software will steal your information and put you at risk for crimes.
    1. You must have anti-virus and anti-spyware software installed and up-to-date. If your computer or phone isn’t protected from Trojans, viruses and other malware, your financial information, passwords and identity will be stolen. This concept is so basic, yet only 20% of the US population adequately protects their computers. If the cost of security software is prohibitive, use a free service.
    2. Secure your internet connection – Make sure your computer’s firewall is on. If you use a wireless network it needs to be encrypted so someone who is lurking outside the house can’t collect your information. If you need a free firewall, click here. Never use a public WiFi service for any type of financial transaction or other type of sensitive information transfer.
    3. Use added protection on sensitive financial information with passwords or store on a flash drive, CD or external hard drive For added protection all year, keep your finances inaccessible to anyone who uses (or hacks into) your computer. You can do this by password protecting individual files or folders on your computer, or choose to keep this information on a flash drive or CD that you keep in your safe or other secure location.
  2. Use caution on public WiFi hotspots. Do not log onto sensitive sites (banking, shopping…) from an unsecured connection.  When using a public computer, uncheck the box for remembering your information.
  3. Use strong, unique passwords for every site. Creating strong memorable passwords is easy and can actually be fun – and the payoff in increased safety is big. The key aspects of a strong password are length (the longer the better); a mix of letters, numbers, and symbols; and no tie to your personal information. Learn how with my blog Safe passwords don’t have to be hard to create; just hard to guess
  4. Watch your surroundings. Pay attention to who is around you so that they do not see you type your passwords, credit card numbers, PIN’s, etc., or read sensitive information you may be sharing.
  5. Put a credit freeze on your accounts. Block ID thieves from opening new accounts under your name by freezing or blocking access to your credit files. Learn more about creating a credit freeze here.
  6. Check your credit reports. Under the Fair Credit Reporting Act, you have the right to one free credit disclosure in every 12-month period from each of the three national credit reporting companies: Experian – http://www.experian.com/consumer-products/triple-advantage.html, Equifax – http://www.econsumer.equifax.com, TransUnion – http://www.truecredit.com/?cb=TransUnion&loc=2091
    1. Request a free credit report from one of the three companies for yourself, your spouse, and any minors over the age of 13 living at home to check for credit fraud or inaccuracies that could put you at financial risk. (Although exact figures are difficult to get, the latest data shows that at least 7 percent of identity theft targets the identities of children.) The easiest way to do this is through AnnualCreditReport.com.
    2. You can also pay for credit monitoring services that will alert you to any suspicious activity or changes in your credit scores.



Banks Blame Businesses When Hackers Empty Their Bank Accounts

August 18, 2011

“If every [business] knew their money was at risk [from online fraud] in small and medium-sized banks, they would move their accounts to JPMorgan Chase,” said James Woodhill, a venture capitalist who is leading an effort to get smaller banks to upgrade anti-fraud security for their online banking programs. “That’s because JPMorgan Chase is the only major U.S. bank that insures commercial deposits against the type of hacking that plagues smaller banks.

There is an excellent article in BusinessWeek titled Hackers Take $1 Billion a Year as Banks Blame Their Clients that is a must read piece. It provides a clear explanation of the insurance loophole that is wiping out businesses, school districts, churches, and local governments bank accounts, when and how cybercriminals strike; why small banks aren’t stepping  up,  why law enforcement is struggling to deal with  the issue; the role of malware in these exploits, and what led to the creation of the yourmoneyisnotsafeinthebank.org website.

Read it.


Use of Mobile Banking Increases – Are You Protected?

November 30, 2010

Consumers have become more confident about using their mobile phones for banking transactions according to new research from The Nielsen Company. This trend is also outlined in a recent white paper from Juniper Research that projects the number of worldwide mobile phone users who perform mobile banking will double from 200 million this year to 400 million in 2013. In the U.S., it is the more affluent consumers who are leading the charge, but in the rest of the world, it’s far more likely to be the norm for all users.

For consumers, the appeal of mobile banking is clear; it’s convenient, and empowers us through real-time balance checks and transfers of funds, and provides a more consistent banking experience. However, with all these benefits come risks that every mobile user of financial services should be aware of, and take precautions against.

The risks are pretty straightforward: crooks want your cash and/or your credit – and they’re willing to go to some work to try collecting the information they need to steal it.

Ask yourself three questions before transacting through your phone:

  • Is your phone secure? As more consumers use smart phones, and a few key market leaders emerge, malware targeting phones will continue to increase. Be sure you have up-to-date security software, which means antivirus and anti-spyware protection installed.
  • Do you have a secure password/PIN? Every phone should have a password lock to prevent others from using it. However, if you have any sensitive information stored on your phone, you need to be particularly diligent in ensuring your phone’s password is strong.  See my blog Safe passwords don’t have to be hard to create; just hard to guess. Then, don’t share your password with anyone or respond to any e-mail requesting that information.
  • Is your connection secure? If you are surfing over your phone carrier’s network, you are quite safe, however, if you are using WiFi to connect, be sure you know and trust the WiFi connection. Do Not use a public WiFi for financial transactions. See my blog Like Lambs to the Slaughter? Firesheep Lets Anyone be a Hacker

If you’ve successfully answered all of the above then you’re off to a good start. The bottom line: Before you conduct your most sensitive financial transactions you need to be absolutely certain both the Internet connection and the mobile device or computer you’re using is secure. If you don’t have 100 percent confidence – don’t take the chance.