"With the increasing applications for smartphones, basically hackers are changing their focus on smartphones and tablets," said Nima Dezhkam, principal consultant of Security Compass. "This is inevitable."
This month, authorities discovered the first major security threat to mobile banking when a malware called Svpeng made its way from
Svpeng can steal only general information, such as the name of a bank, and not siphon money from accounts, said Dmitry Bestuzhev, of
The threat to mobile devices should put banks and consumers on notice, tech security experts say.
"Naturally, the criminals are evolving," said
Personal computers are a more lucrative target, because they often are connected to networks that give thieves access to an entire organization, Dezhkam said. Mobile devices offer access to one person. Also, unless mobile users grant permission to a malicious app to access their information, there's not much the malware can do.
But the ways people use mobile phones open them to risks.
Mobile apps tend to value convenience over security. That translates to caching of sensitive information, less complex passwords and fewer authentication steps, Dezhkam said. Antivirus software is not as common on mobile devices. And as people conduct more transactions through phones, the devices attract greater interest from virtual bank robbers.
Nearly 90 percent of adults have mobile phones, and the ubiquity is changing the financial service industry, according to a Federal Reserve survey. A third of mobile phone owners used them to do banking in the past year, up from 28 percent a year earlier.
The transactions that banks allow through mobile devices are more complex -- enabling customers to deposit checks, for example, or small businesses to accept credit card payments.
As competition for customers intensifies, mobile banking has become a leading way to attract business, especially young and minority customers.
"Security is an important part of the development process," Cleary said. "We have fraud detection and other security-related systems and processes in place, and continually update and refine these measures."
No law requires banks to reimburse customers if a hacker steals money, but it is a standard practice to hold customers harmless, said
"You want to make sure consumers feel safe and secure inside the banking system," Crosson said.
Everyone should have anti-malware protections on their mobile devices, Bestuzhev said.
Yet banks can do only so much to ward off malicious programs, Bestuzhev said. Consumers need to improve their habits.
First, they should never access their accounts when using public Wi-Fi.
"No banking on
"I think it saves a lot of time," said Moran, 27, a PNC customer.
Consumers should stick with apps developed by banks and never use those from third-party developers, Dezhkam said. They should be wary of any app that requests excessive personal information -- access to contacts, the phone's camera, or text messages.
(c)2014 The Pittsburgh Tribune-Review (Greensburg, Pa.)
Visit The Pittsburgh Tribune-Review (Greensburg, Pa.) at www.triblive.com
Distributed by MCT Information Services