ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

Is Mobile Banking Actually Secure?

Updated on January 30, 2017
T N Jed profile image

Theo is a financial services employee with an interest in personal finance and music

Mobile banking has arguably done more to simplify financial management than any other process or platform in the market. For some, checking balances is as easy as opening an app and tapping an arrow to see a drop down table listing available balances. The benefits from mobile banking are numerous and retaining control of one’s finances is more accessible than ever. However, consumers are still wary of this technology and possible security flaws. According to a report released by the Federal Reserve in 2016, “concern about the security of the technology was a common reason given for not using mobile banking or mobile payments (73 percent and 67 percent, respectively, of non-users)”.

With such an overwhelming statistic given as the reason for not utilizing the mobile banking platform, it begs the question: How safe is mobile banking? Well let’s find out.

The Security behind Mobile Banking
The Security behind Mobile Banking | Source

To put it simply: Yes, mobile banking is secure*. Here are some of the reasons why.

(*Please bear in mind that security offerings differ between financial institutions. If you determine your financial institution to be missing some of the features below, you may want to consider changing institutions if mobile banking security is of important to you.)

Common Industry Security Standards:

A number of security measures are common across financial institutions and help provide a sturdy foundation for secure mobile banking. These measures include either SMS or email verification codes for first-time users that help to provide an additional layer of authentication. Even if a hacker obtains your log-in credentials, many institutions can recognize an unusual log-in attempt and will send a verification code that must be accessed from a user-verified channel in order to authenticate the log-in attempt. Otherwise, the hacker is out of luck.

Example SMS Verification
Example SMS Verification | Source

Encryption is an absolute essential for banking security and you’ll find many institutions have done well at ensuring this measure is provided. 128-bit encryption is the standard go-to, having this feature ensures all data that is transmitted through the app is protected from snooping eyes. Aside from this, a number of other measures exist such as automatic timeouts that ensure no one can access your account if you’ve been inactive for a set period of time, refraining from storing data on the user’s phone so that no data is able to be obtained physically from the phone’s storage, and in the case where fraud does occur, many banks offer a Security Guarantee in which any fraudulent charges will be reimbursed if reported within the designated time limit (often 60 days).

Encryption prevents hackers from snooping on your data
Encryption prevents hackers from snooping on your data | Source

With some of the more common features out of the way, let’s look at some more innovative examples of how banks are protecting the security of mobile users. Perhaps the most ubiquitous security measure is multi-factor authentication. For example, Frost Bank based in Texas has a 4-digit PIN code that has to be entered in order to access the app, unique to the mobile platform. Likewise, Capital One has SureSwipe where customers make a unique swipe pattern with their finger to log-in. Capital One also sends purchase notifications and risk-based alerts from their Wallet app that help ensure you’re aware of any unusual activity.

Capital One offers multiple authentication options
Capital One offers multiple authentication options | Source

Card controls are becoming more prevalent within mobile apps. Imagine: you’ve lost your wallet and are worried about fraudulent charges being posted to your debit card. Well banks such as First National Bank allow their mobile app users to disable the card from the app. Though not necessarily mobile banking security, it is an example of a measure banks are taking to protect customer security through a variety of methods.

FNB's CardGuard offers users advanced card controls to monitor finances
FNB's CardGuard offers users advanced card controls to monitor finances | Source

Now here’s a feature that is straight out of a spy movie from the 70’s: biometric authentication. It is more likely known by its patented name, Touch ID. Using your fingerprint, which is unique to you, as a way to quickly and securely log-in is the ultimate blend of convenience and security. Critics are quick to point out that fingerprints can be stolen just the same as passwords but cannot be changed. This is certainly true so remember to use other forms of authentication when available. Other biometric features include visual and voice banking so as to provide a multi-faceted authentication strategy, such as what USAA offers. Imagine being in a loud room that drowns your voice so as to prevent your phone’s microphone from registering it, or in a dark place that prevents visual authentication from occurring, well the mobile app will rely on the next available authentication measure.

USAA offers the most advanced biometric features on the market right now
USAA offers the most advanced biometric features on the market right now | Source

High-risk actions such as adding a payee through mobile are often subject to authentication measures, such as the SMS code Wells Fargo issues in order to perform this action. Bank of the West allows for easy disabling of the phone’s mobile app from their online banking system should the phone be lost. And many mobile apps are adding robust alerts to ensure users are aware of any suspicious activity, thereby putting the security in the hands of the users, such as Bank of America’s updated app. Aside from this, look for mobile banking apps that automatically scan for unusual activity and prompt authentication, and also rely on device recognition and location-based security as further security controls to keep fraudsters from accessing your account.

As a final note, though banks are doing more by the minute to protect your account, the ultimate responsibility lies in your hands. Technology is not without its flaws so as a mobile banking user there are a number of measures you can take to protect your finances. Never share any personal data, including account number, banking log-in, or any other information that can compromise your account. Log yourself out whenever you are done banking. Though many platforms do this for you automatically, it’s still better to be safe than sorry. Use a strong, long, multi-character password that relies on a unique combination of letters, numbers, and symbols, and is not easily guessed. Don’t share your mobile device with strangers, and ensure your device is locked when not in use. Always ensure your device and app are equipped with the latest updates. Avoid using mobile banking over an unsecure network such as public WiFi. Consider using a digital wallet (i.e. Apple Pay) for greater security from fraudsters looking to access your account. Ensure the mobile banking app you download is the correct app released by your financial institution, often the name of the publisher should suffice here. Avoid websites that aren’t protected by encryption (think https://) when submitting sensitive information. And lastly, if you receive suspicious correspondence of any kind, be it email or text or a phone call, don’t respond. Your bank likely has a secure method for contacting you if necessary and will not solicit your personal information. If you receive such correspondence, report it immediately to your bank so they can investigate it.

With the right precaution such as those listed above, mobile banking is secure as it needs to be to protect your data. In fact, it is often time just as secure if not more so than online banking. Using due diligence when choosing a financial institution that offers strong security measures and learning best practices in protecting your personal data can help ensure a pleasant and convenient mobile banking experience with minimal risk to your financial safety.

Would you be willing to use mobile banking?

See results
Cast your vote for The Quality of This Hub

This website uses cookies

As a user in the EEA, your approval is needed on a few things. To provide a better website experience, uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at:

Show Details
HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
LoginThis is necessary to sign in to the HubPages Service.
Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
AkismetThis is used to detect comment spam. (Privacy Policy)
HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the or domains, for performance and efficiency reasons. (Privacy Policy)
Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
MavenThis supports the Maven widget and search functionality. (Privacy Policy)
Google AdSenseThis is an ad network. (Privacy Policy)
Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
Index ExchangeThis is an ad network. (Privacy Policy)
SovrnThis is an ad network. (Privacy Policy)
Facebook AdsThis is an ad network. (Privacy Policy)
Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
AppNexusThis is an ad network. (Privacy Policy)
OpenxThis is an ad network. (Privacy Policy)
Rubicon ProjectThis is an ad network. (Privacy Policy)
TripleLiftThis is an ad network. (Privacy Policy)
Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)
ClickscoThis is a data management platform studying reader behavior (Privacy Policy)