Security in mobile apps

Smartphones have changed the way we communicate and connect with the world. With barely 10 years on the market, they have grown and modernised so much that we sometimes ask ourselves how we lived without them.

Increasingly more parts of our daily lives involve mobile phones and these devices which make our day-to-day tasks easier also store quite a lot of information about us. According to Spain’s National Cybersecurity Institute (Incibe), more than 140,000 malicious smartphone or tablet programs* designed to obtain information from our phones are detected each year.

In our post “Security on the Internet, do you know what phishing is?” we discussed some of the strategies criminals use to obtain information for fraudulent purposes. Here we have prepared a number of tips that will help you prevent having malware installed on your phone.

Use official apps

This might seem obvious, but not everyone is aware that there are ‘pirate’ apps that copy the image of the official apps of other firms so you download them and they can steal your information. These apps are normally offered on unreliable websites.

It’s very important to make sure you have downloaded an app from official stores such as Google Play for Android and Apple Store for iOS. These platforms have security measures to verify the authenticity and reliability of the apps they store.

Check the details of the app you are downloading

Reviews and comments about the app in the App Store can give you an idea of the level of security of the app you are downloading. Check the publication date, the developer, the ratings…and above all, check that the developer is the company that owns the app – that’s the most important point.

Respect the ratings – take the time to read them. They provide a lot of information on the correct operation of the app and also let you check its authenticity: if there are very few opinions or lots of them but they’re all excellent…don’t trust it.

It’s also important to check the permits the app requires. In the case of apps for iOS, you can regulate them and decide what access to provide through your phone settings. When you download an Android app, an external link tells you which permits the developer requires. In any case, check them before downloading to know exactly which parts of your phone you are giving access to.

Keep the app upgraded

It’s important to ensure you have downloaded the latest version of the app. App upgrades usually not only include improvements and new tools but also security optimisations that cover possible new threats.

Turn on alerts

Look for this option in the app to keep abreast of movements in your profile, particularly in the case of an app linked to a credit card, such as Spotify, Amazon or iTunes, or a banking app.

In the case of MoraBanc, you can enable the alert system by SMS, which will notify you every time your card presents a charge of more than €60. This way you will be able to detect any strange movement before it’s too late.

Close the session

This is a basic point but unfortunately we aren’t used to closing sessions when we log out of an app. In the case of apps with important user information, such as email addresses or social networks, if your phone falls into the hands of another person, it is crucial they don’t have access to any personal data you might have on the app.

Other apps, such as banking ones or those with payment information, are security configured so that the session closes automatically after a certain period of inactivity.

Turn on your phone localiser and screen block

Some phones have an option from the “Turn on localisation” menu and for those that don’t there are apps that let you find your phone by GPS. This functionality is very useful in the event of loss or robbery, because in addition to finding your phone and reporting it to the manufacturer, you can block or delete the data it contains so it isn’t accessible.

As well as this, blocking your screen with a PIN number or password is highly recommended. It might seem obvious, but including a password to access your device will stop other people from being able to obtain your data if you lose it or it is stolen.

How do I detect whether I already have malware on my phone?

There can be various clues: noise in telephone conversations; messages and emails that are deleted or appear as already read; a rise in data consumption, shorter battery life, etc.

For these cases, the experts at Incibe recommend making backup copies of the device and cleaning it, changing all your passwords from another device, deleting all unnecessary apps and installing an antivirus before reintroducing your data into the phone. Plus, for Android, the Conan Mobile app lets you know the degree of security of your mobile device.

For more tips, see the Internet Browser Security Office in Spain or the Incibe website where you will find handy tools with computer graphics to help you identify fraudulent apps easily.

Remember, at MoraBanc we employ maximum security measures to guarantee confidentiality in communications and we will never ask for your passwords by email or SMS.

For more information on MoraBanc online security, see this link on our website.

If you receive a message that seems suspicious or odd, please contact our customer service department, TeleBanc, phone +376 884 884. To prevent possible scams, always log into your online bank through our website or from our mobile app which you can download from the Google Play and iTunes app stores.

*Source: Incibe, March 2017.