Neobanks and security: All your burning questions answered

You use your smartphone to shop for your favourite things, pay your bills, save money and manage your overall financial activities. Without a doubt, banking as we know it has changed with financial apps having become part of our lives, simplifying the overall process. But as you’re sending money abroad or paying for that birthday present, you may be wondering how truly safe it is making payments online.

Whereas armed criminals of yesteryear seemed to have been wiped off the face of the earth as more and more people have shifted their banking on the go, in an age of technological convenience, security is more important than ever. And just like your banking, crime has also become more digital as the internet is riddled with shifty individuals who are very good at coming up with inventive ways to steal your money.

Here we dig deeper into common issues and offer some simple guidelines that are set to transform you from a security rookie to a pro.

What is mobile banking?

Mobile banking enables you to do your day-to-day banking right from your mobile device without having to visit a brick-and-mortar bank. This means that you can save time from having to queue up at your local branch, you can manage your finances on the go, send and receive money, while you can track your investments all under one roof, not to mention that it is available around the clock 24/7/365.

Is banking on a smartphone risky?

The internet can be a scary place what with all the fraudsters and scammers lurking around or the fact that it’s so easy to accidentally download malware on your device. But what about banking on your phone? The answer to this question is a resounding NO. For starters a well-designed financial mobile app combines a series of robust security features with the very latest functionality, while it is far less likely to have a virus infect your smartphone. In fact, mobile banking can be more secure than banking on other devices due to the numerous built-in security measures an app has as opposed to say a browser which can be easily undermined through things like phishing, data interception and more.

But safety also largely depends on how cautious and well-informed you are and on how precisely you follow good security practices.

What security risks are involved?

As the number of smartphones used for managing your money skyrockets, this creates new opportunities for fraudsters to land right into your account and personal data by exploiting weak passwords or through social engineering, in other words, when users are coerced to give up their usernames and passwords to cybercriminals of all sorts. However, other security risks are linked to human error, carelessness or simply, a stroke of bad luck.
Here as some common security issues that you may come across.

Unfortunate mishaps

The lost phone

You’re there sat happily having a drink or two with your friends at your favourite joint, when you fumble for your smartphone and to your horror, you realise that it is no longer there. As you break into a cold sweat, looking for it franticly across and under the table, you suddenly realise that it’s gone for good. Is your account and the money you’ve worked so hard for at risk?

What happens if my phone is lost or stolen?

Security can be compromised in many ways and not just by a hacker. The good news is that with most financial apps, your funds are in safe hands, as long as you haven’t shared your passcode with others. So, if your phone is lost or stolen, the first thing you should do is change your passwords immediately, since doing so means that you will probably be logged out of your device and have to re-enter your new password to access things like your email and social media. And to get back into your account, you typically just need to download the banking app again on your new phone, log in to your account and resume your banking as per usual.

Ideally contact your provider to inform them of this calamity and see if you can remove your smartphone as an access point to your account. If you have a physical card, this may still function even without your smartphone, so you will still be able to make card payments or withdraw cash.

The lost card

As you approach the cash register at your local supermarket to pay for your groceries, you get hold of your purse and open it to retrieve your card, but to your dismay you realise that the card is not there. Did it fall out of your purse? Did someone steal it? It’s hard to tell.

What happens if my card is lost or stolen?

As alarming as this situation may be, take a deep breath and remember that most apps offer the ability to freeze your card right through the app so doing so should be your first step. Next, you should report it as lost or stolen. Depending on your provider, this can either be done via the app itself or you must contact their support team. Freezing your card means that no one can spend money with it, while reporting will prompt your provider to send you a replacement right away. If both your card and phone are missing, it’s best to give your provider a ring asap.

Our fight against loss and theft

At Moneybase we know that your smartphone is one of your most precious possessions. But we also know that in the excitement of it all, you may have been hasty in getting your hands on it and start using it, leaving little room for protecting it. On the other hand, your card is an extension to your funds and your wallet’s replacement, so keeping it safe is of utmost importance.

To safeguard your data, privacy and money in the event that you do not know your phone or card’s whereabouts, we have implemented a series of robust security features.

• The power of geolocation – nothing beats matching your card’s transaction with your phone’s location than geolocation capabilities which can stop potential fraud in its tracks.
• Customisable card controls – with the ability to block and unblock your card or cancel it whenever you need to, you can rest assured that your money will remain with you if your card falls in the wrong hands. You can also set up restrictions and permissions.
• A card that’s hard to crack – TLS/SSL encryption, 3D secure authentication and an embedded microchip within it – it's difficult for a fraudster to do much with your card.

Expert tips

While there isn’t much you can do to secure your credit card before it gets lost or stolen other than placing certain restrictions, in contrast there are a number of steps you can take to foolproof your phone before it is gone.

Here are some ideas:

• Add lock screen to your device - this is your strongest line of defence. If you’re not into crafting an overcomplicated 8-character password with a combination of letters, numbers and special characters, go for a fingerprint or face recognition option.
• Hide your passwords and PINs – these should never be saved on your smartphone and if your phone has the option to make your passwords visible, it’s best to leave this disabled.
• Hide and lock your apps – this can be a blessing for both security reasons and for privacy protection since it will keep others out of your photos, contacts, your phone’s settings and anything else you might not want others’ prying eyes on.

Cybersecurity disasters

Phishing scams

What is phishing and how does it work?

One of the oldest types of cybercrime, phishing is an attempt by fraudsters to harvest sensitive and personal information like your account details, passwords and credit card numbers or to urge you to download harmful software which may infect your device. This is usually done through deceptive emails with senders masquerading as a trustworthy entity and whereas emails remain the most common means for phishing, with the advent of modern technology hackers are increasingly using alternative options like fake websites, smartphones and attacks in the form of SMS messages to target unsuspecting victims.

Be wary of emails or messages with too good to be true statements like you have won a substantial amount of cash, an urgency to act fast either because of a super deal that is about to expire or because your account will be deleted or blocked unless you take immediate action. Remember that neobanks give ample time for you to take action before they block or terminate your account. Other telltale signs include attachments you were not expecting, messages with a bunch of misspellings and typos, mismatched fonts and those by an unusual sender. And of course, be suspicious of messages that ask for your personal information like your account password or credit card PIN number, your ID card or social security number and those claiming that they have your password attached.

Pharming attacks

What is pharming and how does it work?

Phishing’s less known cousin, pharming is a crafty type of fraud through which attackers attempt to fool targets into handing over valuable personal information by redirecting them to a bogus site that looks legit. Sounds like phishing right? Only it isn’t. Whereas phishing uses some form of bait like official-looking emails which invite users to click a link that will direct them to a fake website and enter their personal information there, pharming skips the bait altogether and sends unsuspected victims to spoofed sites without their knowledge or consent for that matter. This means that pharming is so sneaky that most victims realise they have been scammed a little too late.

How exactly does it work? Malicious software is powerful enough to be able to change the settings on a computer in such a way that it can direct traffic to a different site even when you’ve entered the correct website address. Then these sites can capture your private information, including usernames and passwords, credit card details and much more.

Our fight against cybercrime

Fighting off phishing and pharming attacks is easier said than done, but at Moneybase we have taken a series of measures to make sure that your account, money and identity are secure and remain so.

• IT security experts - we have in place a team of security specialists who are constantly on the lookout for phishing fraudsters and take these attempts down as soon as they appear.
• Robust anti-fraud system – with real-time alerts of any fraudulent activity, we can act fast and stop these right away.
• Features you can control – worried that you might have been phished or pharmed? No worries. Thanks to customisable features for both your account and card, your money is always safe.
• 3D Secure card – this means that when you shop online, you’ll receive a mobile notification from us asking you to log into your account and verify this specific payment.
• 24/7 human support whenever you need us – whether you’re concerned, have questions or would like to report on a hacking attempt, you can get in touch anytime, any day. On a different note, remember that Moneybase support agents will never ask you for your credit card number, passwords, card PIN, CVV/CVC or to transfer your PIN.

Expert tips:

No security system is 100% foolproof and a fraudster may be lurking about looking for their next victim, so here are some tips to help you further curb such attacks.

• Banking websites such as Moneybase always make use of HTTPS, which means that they are encrypted, so if you cannot see this before a site’s URL or there is no green lock icon in the browser, it’s likely that the site is not secure.
• Make sure you use the latest version of the app which can be downloaded either via the Apple App Store or the Google Play store.
• Enable two-factor authentication to your email and alerts for spam, malware and phishing.
• Always check links before clicking on them by hovering over it to preview the URL and by looking for any misspellings and typos. Also, don’t click on a link that prompts you to validate your account or reset a password if you didn’t initiate such an action.
• Do not click on any links or files especially if these come from unknown sources. In this way, it’ll be much harder for pharmers to install any malware onto your computer.
• Choose a trustworthy internet service provider which is committed to your security and can automatically filter out any bogus redirects, protecting you and your data in the process.
• Do not, under any circumstances, disclose personal information related to your identity, account or credit card to anyone.

Today’s ‘bank robbers’ may not be drilling holes in sealed vaults, but they’re using sophisticated tactics like hacking technology and social engineering, making them more transparent and faster than ever before. At times, a smartphone or card lands right on their lap, making their job easier. Making the appropriate choices when managing your day-to-day finances and banking transactions and injecting some dose of common sense can go a long way to making mobile banking safe.

Would you like to find out more about Moneybase and security? Visit our Knowledge Base or join our Community to ask a question and get some answers, give us feedback or offer suggestions.