How Secure is your Banking App?
Banking apps have become the preferred method of transacting for individuals and businesses in SA, offering the advantages of banking at a physical branch without the hassle. But as with all technology, convenience needs to be balanced against cybersecurity risk.
Unauthorised access to your banking app could give cybercriminals the keys to your full account balance, potentially causing a crippling cash flow crisis.
While banks have invested in and implemented advanced cybersecurity strategies, these aren’t always enough, and it is the responsibility of the customer to raise awareness among their staff. Some victims of banking fraud have waited months before their funds were returned, while others have had to write off the entire amount.
To help your business transact safely online, we’ve put together a checklist of dos and don’ts for banking app users. Let’s start with the essentials.
The necessity of secure logins
As every internet banking user knows, the first step to using a banking app is your login, but there’s more to a secure login than simply entering a password. One simple security practice to instil in staff is to ensure that they never use public Wi-Fi connections to do online banking.
You’ll also need to ensure that your banking app allows you to log in securely, so that no unauthorised person can use your banking profile even if your phone or device is stolen.
Internet banking apps that use Face ID add an extra layer of security, while multi-factor authentication using an OTP code (in the case of FNB) or other PIN sent to your mobile number or email address provides a way of authorising transactions securely.
Avoid phishing and social engineering scams
Employees can easily be taken in by the sophistication of modern-day phishing scams.
Lately, criminals have been targeting financial decision makers such as bookkeepers or controllers with genuine-seeming emails and other text messages purporting to be from management.
This may not be a direct result of banking app security, but the fact that banking apps are often used to carry out these transactions makes it essential to avoid suspicious payment requests, even from colleagues and senior managers.
A concerning recent trend is the escalation of impersonation fraud, which takes phishing to the next level.
- This type of scam involves comprehensive research on the part of cybercriminals to map out an organisation’s management structure and find ways to impersonate members of senior management.
- Once they’ve achieved this, they will typically contact employees via non-verbal means like email or private message and issue financial instructions which ultimately result in company money being deposited into the fraudster’s bank account.
- Savvy social engineering combined with AI has made it possible for hackers to imitate the tone of writing typical of specific senior managers.
- This could be achieved by studying articles that are published on LinkedIn or other financial media and using AI to produce devious messages using the manager or owner’s characteristic choice of words.
In summary, it’s essential for all organisations to follow the “trust but verify” model when dealing with financial transactions.
If a financial instruction hasn’t been verified over the phone or in person, it simply can’t be taken at face value just because an email or message was supposedly received from a member of management.
Add secure cloud storage to your cybersecurity strategy
Taking the steps above is an excellent approach towards securing your company’s financial and business information. Our range of secure cloud storage packages with data encryption adds an extra level of protection to your valuable business data. Visit our product page today to learn more.