Friday, March 16, 2012
Making Sure Your Mobile Transactions Are Safe
Use password protection, question your broker and avoid the free public airwaves to keep iPad data out of harm’s way.
It’s tempting to slip your iPad out of your purse to check on your brokerage account while enjoying a cappuccino. But is it a good idea to send your data out over the public airwaves provided free of charge by your favorite coffee shop? Do you risk having your information intercepted by miscreants who want to use it for their own purposes?
Frankly, the most pressing security issue usually isn’t the airwaves so much as theft or loss of the device itself. The ne’er-do-wells who make off with your gear, or those who simply find a wayward iPhone in a restroom, have instant access to your e-mail accounts, log-ins to corporate data systems and social-networking sites, as well as more personal items like photos.
YOUR FIRST SECURITY MEASURE should be to password-protect your mobile device. The iPhone and iPad can be set up with a four-digit passcode lock, which you should do as soon as you take it out of the box. The passcode can be created so that all the data the device holds, including contacts, text messages, and e-mail login, are erased if someone enters the wrong code 10 times.
What if your devices are safe and sound, but your wi-fi connection isn’t? It’s obvious when your iPad is missing. It’s not so easy to tell when your data transmissions are being intercepted by bad guys. Thieves use such strategies as packet sniffing, phishing, and pharming–all ways of intercepting data or tricking you by spoofing a financial-services Website.
Ever since 2006, when customers of several online brokerages discovered that their passwords had been stolen and their accounts used to inflate the prices of some thinly traded stocks (called “pump and dump” schemes), financial-services firms have made mobile security a high priority.
If you’re conducting any financial business from a mobile device, make sure the firms you’re working with employ encryption for transmitted data, and that they monitor transactions for unusual behavior. Most banks and brokers are now on the lookout for activity that comes from geographical areas that they know are hotbeds of cyber-criminal activity, and have been successful at stopping the great majority of these intrusions.
Even so, mobile-security experts recommend avoiding open wi-fi, and going with EVDO (Evolution Data Optimized, learn more at http://www.evdoinfo.com) or GPRS (General Packet Radio Service). It’s faster, far more secure and not that much more expensive when you realize you won’t be wasting time looking for signal or worrying about what you can and can’t do on the connection.
TO USE EVDO, you just purchase a device from Sprint, Verizon or AT&T and pay a monthly fee for data access. You are your own hot spot when you have one of these, and they work with any mobile device you own, including a laptop. There are some that plug into your tablet’s USB port and others that are battery powered and stand alone. GPRS is built in to many smartphones, and is much more secure than open wi-fi. Your mobile device’s 3G and 4G connections are secure, though they’ll draw on your data usage.
So hang on tight to your mobile devices, and make sure that when you transmit sensitive data that you are doing so safely. If you’re not sure a wi-fi connection is safe, just enjoy the coffee.
Sidebar to Survey of Online Brokers, published in Barron’s Online, March 10, 2012.