No longer do we have to go into the bank, queue up and wait to talk to a teller. With smartphones and banking apps, we can do our banking from the convenience of our phones. But are banking apps safe?
In this case, when we ask whether banking apps are safe, what we really want to know is whether they’re secure. We really want to know if our money and identity are safe.
What are banking apps?
In the UK and the EU, you’ll find two main groups of banking apps:
- your bank’s dedicated app; and
- open banking apps.
Using your bank’s dedicated app, you can carry out banking transactions, make payments, and transfer money between your accounts. If someone breaks into your dedicated banking app, they can do exactly the same things.
With open banking, regulated providers can access your banking information to provide you with services. These services are constantly developing, but they’re split into two categories:
- account information services, which let you see all your accounts in one place. These offer information like budgeting and accounting advice, but can’t actually carry out any transactions; and
- payment services, which let you make payments directly from your account without going through a third party.
Each type needs different authorisations.
How do banking apps protect your data?
Banking apps can be safer than online banking. Unlike your browser, apps have security built in; also unlike your browser, well-designed apps don’t store your personal data on your device. As you’d expect, banking apps encrypt your data before it leaves your device. Even better, mobile devices can use biometrics like fingerprints and facial recognition to secure the app.
As well as two-factor authentication (2FA), many banking apps use a technique called ‘device fingerprinting’ to identify your specific device. If someone tries to log in to your online banking or a banking app on another device, your device will alert you. To keep you safe, some banking apps also:
- check whether your device is vulnerable to threats, for example, if it’s been jailbroken or rooted;
- request extra information if they detect unusual or unexpected behaviour, for example, repeated failed login attempts, or login attempts from an unexpected location; and
- provide alerts or require confirmation for particular events, for example, new logins or large transactions.
How can you protect your data?
Protecting yourself from financial crime is the same, whether you’re talking about banking apps or other online services. The bank can make their app secure, but they can’t protect you from yourself.
Unfortunately, many banking apps do let you bypass security features. No matter what you do, don’t do this! Those features are there to keep you – and your money – safe.
All banking apps
Two-factor authentication (2FA) is a way to secure your account. A single factor is something you know (a password); the second factor is something you have (often a particular device, or a code from an SMS).
Some organisations even ask for a third factor: something you are, for example, a fingerprint or face ID. Criminals try to trick you into giving them your 2FA codes so they can break into your account. Your bank will never ask for these codes over the phone or by email, so don’t give them out!
If you download the wrong app, criminals can steal your login details when you try to log in. The best way to ensure you get the right app is to follow the link from the bank’s website. If you try to sideload it, you might as well hand your details over to the criminals.
Most banking apps offer alerts to let you know about new logins, deposits and withdrawals. Sign up for these. As well as keeping you safe, they’ll help you keep track of your money, which is never a bad thing!
And finally, learn how your app looks and works. If you notice anything odd, stop and contact your bank straight away.
Open banking apps
When you log in to an open banking app, your bank will explicitly ask you for permission by a separate means of communication. In addition, you’ll have to log in and give this permission again every few months.
Only regulated providers can offer open banking services. As with regular banking apps, follow the link from their home page to download the app.
With basic security precautions, banking apps are safe, convenient and useful. If your existing account doesn’t offer online banking, check out the best easy access savings accounts to get started.
Some offers on MyWalletHero are from our partners — it’s how we make money and keep this site going. But does that impact our ratings? Nope. Our commitment is to you. If a product isn’t any good, our rating will reflect that, or we won’t list it at all. Also, while we aim to feature the best products available, we do not review every product on the market. Learn more here. The statements above are The Motley Fool’s alone and have not been provided or endorsed by bank advertisers. John Mackey, CEO of Whole Foods Market, an Amazon subsidiary, is a member of The Motley Fool’s board of directors. The Motley Fool UK has recommended Barclays, Hargreaves Lansdown, HSBC Holdings, Lloyds Banking Group, Mastercard, and Tesco.