Mobile Bank Security considerations Mobile Bank Security considerations

No.

Threat

Recommendation

1

One of the greatest threats of mobile phone is malwares which are apparently similar to mobile bank apps. However, in fact, they are malwares that are able to steal information of users’ account or it is likely that they may be semi-malwares which jeopardy bank information of persons due to lack of necessary security mechanism.

You should receive mobile bank apps from the main website of banks and/or reliable and confirmed resources of the bank.

2

Using public Wi-Fi networks enables the hackers to steal your information such as ID, password and bank information.

You should not use mobile bank apps while connecting to Wi-Fi networks.

3

In fishing attacks, the malicious person uses social engineering techniques and send you some messages through different connection paths such as emails, SMS and social networks such as Viber and Telegram leading the users toward fake destinations (for example, fake internet bank) through which he steals information and/or contaminates the user’s device.

Avoid clicking on links or receiving the files sent to you by unknown persons or different groups. For this purpose, you should control your sense of curiosity.

4

New malwares with new methods and mechanism are growingly developed and are received from different ways.

Use anti-malware software sets of mobile phones which are updated.

5

Security weaknesses of operating system and apps of mobile bank may lead to misuse or penetration to mobile phone.

Include operating system updates and applicable software sets used especially mobile bank app in your program.

6

Many malwares are presented in form of applicable programs and in order to increase area of their penetration, they obtain the exceeding permissions.

Avoid installing mobile phone applicable programs requesting for exceeding permissions.

7

Most modern operating systems of mobile phone have internal security mechanism provided as default to decrease risk of malwares. Providing access permission to root in Android operating system or indicating the phrase “Jail Break” (IOS), these mechanisms shall be deactivated.

Provision of access permission (Root) in Android operating system by indicating the word “IOS break” and deactivating security mechanism should be avoided.

8

Some malwares provide the accessibility to review of files aiming at achieving confidential information.

Significant information concerning bank account such as card password, expiration date of card and CVV2 should not be saved in mobile phone.

9

Most invaders are seeking for the accounts with considerable balance that can be accessed through online banking services (including mobile bank services).

Avoid connecting of the accounts with considerable financial turnovers to mobile bank services.

 
Modified Date1398/4/23- 15:24