Security in mobile apps
Experts | 05.29.2017
Smartphones have changed the way we communicate and connect with the world. With barely 10 years on the market, they have grown and modernised so much that we sometimes ask ourselves how we lived without them.
Increasingly more parts of our daily lives involve mobile phones and these devices which make our day-to-day tasks easier also store quite a lot of information about us. According to Spain’s National Cybersecurity Institute (Incibe), more than 140,000 malicious smartphone or tablet programs* designed to obtain information from our phones are detected each year.
In our post “Security on the Internet, do you know what phishing is?” we discussed some of the strategies criminals use to obtain information for fraudulent purposes. Here we have prepared a number of tips that will help you prevent having malware installed on your phone.
Use official apps
This might seem obvious, but not everyone is aware that there are ‘pirate’ apps that copy the image of the official apps of other firms so you download them and they can steal your information. These apps are normally offered on unreliable websites.
It’s very important to make sure you have downloaded an app from official stores such as Google Play for Android and Apple Store for iOS. These platforms have security measures to verify the authenticity and reliability of the apps they store.
Check the details of the app you are downloading
Reviews and comments about the app in the App Store can give you an idea of the level of security of the app you are downloading. Check the publication date, the developer, the ratings…and above all, check that the developer is the company that owns the app – that’s the most important point.
Respect the ratings – take the time to read them. They provide a lot of information on the correct operation of the app and also let you check its authenticity: if there are very few opinions or lots of them but they’re all excellent…don’t trust it.
It’s also important to check the permits the app requires. In the case of apps for iOS, you can regulate them and decide what access to provide through your phone settings. When you download an Android app, an external link tells you which permits the developer requires. In any case, check them before downloading to know exactly which parts of your phone you are giving access to.
Keep the app upgraded
It’s important to ensure you have downloaded the latest version of the app. App upgrades usually not only include improvements and new tools but also security optimisations that cover possible new threats.
Turn on alerts
Look for this option in the app to keep abreast of movements in your profile, particularly in the case of an app linked to a credit card, such as Spotify, Amazon or iTunes, or a banking app.
In the case of MoraBanc, you can enable the alert system by SMS, which will notify you every time your card presents a charge of more than €60. This way you will be able to detect any strange movement before it’s too late.
Close the session
This is a basic point but unfortunately we aren’t used to closing sessions when we log out of an app. In the case of apps with important user information, such as email addresses or social networks, if your phone falls into the hands of another person, it is crucial they don’t have access to any personal data you might have on the app.
Other apps, such as banking ones or those with payment information, are security configured so that the session closes automatically after a certain period of inactivity.
Turn on your phone localiser and screen block
Some phones have an option from the “Turn on localisation” menu and for those that don’t there are apps that let you find your phone by GPS. This functionality is very useful in the event of loss or robbery, because in addition to finding your phone and reporting it to the manufacturer, you can block or delete the data it contains so it isn’t accessible.
As well as this, blocking your screen with a PIN number or password is highly recommended. It might seem obvious, but including a password to access your device will stop other people from being able to obtain your data if you lose it or it is stolen.
How do I detect whether I already have malware on my phone?
There can be various clues: noise in telephone conversations; messages and emails that are deleted or appear as already read; a rise in data consumption, shorter battery life, etc.
For these cases, the experts at Incibe recommend making backup copies of the device and cleaning it, changing all your passwords from another device, deleting all unnecessary apps and installing an antivirus before reintroducing your data into the phone. Plus, for Android, the Conan Mobile app lets you know the degree of security of your mobile device.
Remember, at MoraBanc we employ maximum security measures to guarantee confidentiality in communications and we will never ask for your passwords by email or SMS.
For more information on MoraBanc online security, see this link on our website.
If you receive a message that seems suspicious or odd, please contact our customer service department, TeleBanc, phone +376 884 884. To prevent possible scams, always log into your online bank through our website or from our mobile app which you can download from the Google Play and iTunes app stores.
*Source: Incibe, March 2017.
Information on the processing of personal data
In compliance with Law 15/2003 of 18 December on protection of personal data, the customer authorizes that the applicant’s personal data entered on this form will be incorporated into files owned and managed by MORA BANC GRUP, SA – MORA BANC, SAU (hereafter referred to as “MoraBanc”) to process the requested service and, if necessary, to comply with the contracts finally entered into, and also to ensure correct operational procedures.
The applicant expressly authorises MoraBanc to send him/her commercial and promotional communications for products and services and information on the Bank itself, social or other activities, in hardcopy by post or by electronic means (among others, short messages (SMS) to mobile phones, e-mail, etc.). This consent can always be withdrawn, without retroactive effect.
The fact of filling out this form implies that the applicant acknowledges that the information and personal data provided are true, accurate and correct; otherwise, MoraBanc declines all responsibility for the lack of truthfulness or correctness of the data.
The applicant authorises the data provided to be communicated or shared with third parties forming part of the MoraBanc business group, entities which are primarily active in the financial, insurance and service sectors. The applicant is considered as having been informed of this transfer of information by means of this clause. The applicant accepts that he/she may be sent information on any product or service marketed by these companies.
The data processing manager is MoraBanc. The applicant is hereby informed that the rights of access, rectification, suppression or opposition may be exercised in the terms established in current legislation.