by Chiara Cavalglieri

I’ve never felt unsafe using online banking or mobile banking apps, despite many years spent researching threats.

Headlines about criminals using AI to create shockingly convincing impersonation scams or bypass ID checks make for sombre reading, but don’t forget banks have this technology at their disposal, too.

The shifting nature of cybercrime means the financial industry can never rest on its laurels, and our investigations repeatedly suggest there’s more than a little room for improvement. But, it’s been exciting to see anti-fraud tools launched by the likes of Monzo and Santander to keep customers safe. 

Criminals will always try to exploit multiple channels, such as social media, online ads, phone calls and texts to get at your money. We want companies in different sectors to share intelligence to better understand how they operate and prevent scams reaching consumers. 

You can do your bit too, by staying alert to phishing attempts, keeping software updated and making use of any security features offered by your bank or built in to your device. 

For ultimate security, bank at home on a secure private network, on a dedicated up-to-date browser used only for finances, and use antivirus on your computer. 

Is mobile banking safe?

The biggest threat to banking security comes from using a compromised device. And this applies whether you’re using a computer or a smartphone.

Although phones are more easily lost or stolen, you can mitigate the risk by registering for Google ‘Find My Device’ and Apple ‘Find My iPhone’ so that it can be located, locked and even wiped of data remotely if it’s lost or stolen.

It’s difficult to plant a keylogger in an Android or iOS device (software used to track every key you press and potentially steal usernames and passwords).

But mobile banking isn’t risk-free – fakes can turn up in app stores and malware does exist that specifically targets mobile phones. Always download apps from the official app stores as these are vetted by Apple and Google, and check the reviews carefully. 

Keep your software updated as manufacturers and app developers will usually release software updates which contain security patches and new security features.

Make use of any security features offered by your bank or built into your mobile phone:

  • Protect your mobile Add a unique Pin to your Sim card; register for Google’s Find My Device or Apple’s Find My iPhone; and disable preview notifications. These flash up messages even when your phone is locked. 
  • Instant card freezing All of the banks we tested let you temporarily block your card in-app without having to call or visit a branch, except The Co-operative Bank. 
  • Block remote payments If you bank with Barclays, Chase, Lloyds Banking Group, NatWest, Santander, Starling, or TSB you can also block remote purchases made online, over the phone and by mail order. Many also let you freeze gambling and international transactions too.
  • Real-time notifications These notifications make it much easier and quicker to spot fraudulent transactions. High-street banks have followed suit, though some still a way behind the digital challenger banks.
  • Caller verification Barclays, Monzo and Starling currently offer security features designed to help you spot phone scammers at present. If someone calls claiming to be from Barclays, you can ask them to send a secure notification to your Barclays app via ‘app ID’. If you’re a Monzo or Starling customer, look for ‘call status’ warnings to see if someone from the bank is genuinely on the phone to you or not (Monzo shows this under its security settings, Starling within the payment screen).