Top 5 Mobile Banking Errors by Members
Call it banking’s Pogo moment: We have met the enemy and he is us.
“The weakest link in the online and mobile banking security chain is the end user,” said Mike Moir, an executive with security firm Entrust.
Just about every security expert points to this because surveys find that still among the most popular passwords are, you guessed it, password or 123456. Some email and etailer sites reject this kind of password as too weak but, in general, said the experts, financial institutions are reluctant to raise barriers to member use of mobile banking and if that means swallowing poor passwords, so be it. But those same experts suggested credit unions would do members a favor by urging them to use tougher passwords.
That is a key error pinpointed by Entrust executive Mike Byrnes. It’s human nature to try to maximize use of secret codes – thus necessitating less memorization – but it can be dangerous. Byrnes said he saw little harm in using the same password for, say, Twitter and Facebook – but do not also use it at a critical site such as banking. The recent LinkedIn password hack illustrated why.
Said Geoff Webb, director of product marketing, at data protection company Credant: “Users should re-set their phone to factory initial settings before even considering selling, recycling or donating their device. The biggest concern is that, obviously, personal information will be left on the phone and accessible to whoever subsequently owns it. However, people should also think carefully about the things that the phone has access to.”
The app may say XYZ Credit Union but don’t think about downloading it unless it’s via a link on the credit union’s website or from a well-known apps store such as Apple’s, Amazon’s or Google’s Play.
Security experts say there is a paradox. Most computer users by now have grown wary of clicking on unknown links in email on their desktop or laptop. But when that same email arrives on a mobile device – with its tiny screen which may make it harder to attempt to read the full URL address – we just may click away.