The recent InformationWeek article exposing new bugs in online banking applications that are utilized by various Smartphones really peaked my interest. Two of my biggest focus areas have been to highlight the risks of online banking along with some recent advice on how to keep your iPhones secure. The primary issues highlighted in the InformationWeek article include improperly configured security certificates, lack of encryption, and improper saving of sensitive credentials without user approval.
As a result of the findings many banks and other payment companies like Paypal are issuing new versions of their applications that are or will soon be available. This is an important reminder that helps reinforce a few important security principles we have already covered recently.
Smartphone Security Tips
#1 – Online Banking is risky enough when performed on a machine that is physically secure from theft. Performing online banking on mobile devices adds an additional element of risk that is not recommended. If you lose your device or it is stolen you are at an increased risk of having your credentials compromised.
#2 – Application updates occur regularly and are often issued as a result of security vulnerabilities. You must regularly check for updates for any installed applications on your Smartphone device and ensure that you have the most recent version of software. Failing to do so will put you at an increased risk for compromise and financial loss.
#3 – Be discreet about which applications you choose to install on your Smartphone. By installing new applications you potentially expose yourself to additional security vulnerabilities so your security is only as trustworthy as the vendor providing the application.