Skip Links

Network World

  • Social Web 
  • Email 
  • Close

(Comma separation for multiple addresses)
Your Message:

Safest way to bank online? Your cell phone

By Erik Larkin , PC World , 05/05/2008
  • Share/Email
  • Tweet This
  • Comment
  • Print

So you want to bank safely online? Then ditch your computer and make the transaction via your cell phone instead.

Using a mobile handset for this most sensitive online act might sound counterintuitive, given that phones are prone to being lost or stolen, but your cell phone might actually be safer than your computer for paying bills or checking your statement online.

Some phone malware does exist, and examples tend to make headlines due to their novelty. But the main threats to online security, such as keyloggers, Trojan horses, and other data-stealing software, don't exist for phones--yet.

"The risk of being infected on a mobile phone is tiny in comparison [with a PC]," notes the security firm Sophos in its annual threat report.

Remote Control

Security firms have long marketed antimalware products for mobile phones. One such company, Kaspersky, acknowledges the lack of threat from mobile malware (at least in the United States). Recently, as a way to appeal to the market here, it added the ability to remotely wipe out sensitive data on a lost or stolen handset to its mobile security product.

"There's a whole lot of upside and security advantages to mobile devices," says James Van Dyke, president of Javelin Strategy and Research, a financial services research firm.

Financial services for cell phones are plentiful. PayPal lets you send money to another person via your phone. Companies including Obopay, mChek, and KushCash are joining in. Bank of America, Wells Fargo, and others also offer services.

Cell phones dodge malware because they run many different operating systems. Security experts agree that crooks stand to steal much more by investing their time in writing a new Windows virus that is capable of infecting millions of PCs than in constructing a Trojan horse that can target only a certain type of phone.

Android Danger

 But that may change. Google is hard at work on its Android phone OS, and iPhones make their way into more and more pockets and purses daily. So while phone OS consolidation holds great promise for better apps and services, it could also make phones more of a target.

Look no further than the Mac for an example of what may come. Apple's OS is still largely ignored by the bad guys, but its growing popularity means that it's no longer a haven of guaranteed security. Last November, Sophos notes in its report, a Mac user who happened across the wrong Web site risked getting infected by the OSX/RSPlug malware, which sought to subvert Mac network settings and to force any browser used on that Mac toward phishing and ad sites.

Not Out of the Woods Just Yet

The fact that little mobile malware exists does not mean that cell phones are completely safe, of course. Banking and payment systems require passwords and/or PINs, so someone can't just pick up your phone and start transferring money out of your account. But there's still plenty of personal information that someone could obtain through your phone.

Phishing--the other big threat to online financial security--may be even more dangerous for phones than for computers. If you read e-mail on a smart phone, you'll see phishing messages. And whereas on the desktop both Internet Explorer and Firefox employ built-in antiphishing protections, mobile browsers do not.

  • Share/Email
  • Tweet This
  • Comment
  • Print

Comments (1)
Login
Forgot your account info?

Not so secure...By Anonymous on May 6, 2008, 12:53 pmSecurity paradigm has been shifted to application based attacks than client based since past couple of years. We may see more and more attacks on application and...

Reply | Read entire comment

View all comments

Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed