BID Daily Newsletter
October 22, 2015

BID Daily Newsletter

October 22, 2015

Phone Hacked

This past August, a 12 year-old boy had what is sure to be the most memorable trip to a museum he will have in all his life. That's because the boy, who was visiting a Leonardo da Vinci-themed exhibit at Taipei's Huashan 1914 Creative Arts Center, tripped while touring the show and accidentally put his fist through a 350Y old painting. Luckily for the boy, the painting was insured and organizers of the exhibit have said they would not pursue restoration costs from his family. Although the boy's identity has not been released, a video of him falling into the painting was caught on closed caption cameras and later released by the museum so it has made the rounds of the Internet.
As crazy as this incident may seem, it is just one of several such museum incidents that have left famous works of art damaged or irreparably destroyed. Given how accessible and wide open most museum pieces are, it is actually surprising that more priceless works of art are not destroyed--particularly in an era where few people seem to do anything for long without repeatedly glancing at text messages or emails on their cell phones and not paying attention to the world around them.
This made us think about what else people are doing with their phones and more specifically as that might relate to banking. For example, consider the story about Apple's iPhone recently being hacked by thieves who stole the Apple accounts of more than 225,000 users.
In all fairness to Apple, following years of what was essentially a "free ride" for users who rarely had to deal with viruses; the massive popularity of its devices has spurred hackers to turn their attention to all things Apple. In this case, the cyber criminals actually took advantage of security weaknesses introduced by iPhone users who engaged in a practice known as "jail breaking." This process removes the restrictions of Apple's operating system in order to expand the phones' capabilities or include features service providers would otherwise charge extra for (usually used when playing difficult games).
By targeting "jail broken" phones, hackers successfully infected these devices with malware that allowed them to access the iTunes App Store information for each phone. This gave them the phone's individual ID number, account username and password. This was all information that enabled the hackers to prevent hijacked phone owners from recovering their phones. Oddly, even though iPhone users themselves were responsible for weakening the security system, the incident is a major publicity nightmare for Apple--especially since it occurred just before releases of the latest iPad, iPhone and Apple Watches.
Given the reality that customers are often the weakest link in any kind of security system, community banks should consider any and all ways that customers could potentially compromise the security your bank puts in place. People are always one if not the weakest link in the chain, so it is important to educate customers about the myriad of things they could do to potentially jeopardize the security of their accounts as you seek to protect the bank from human error.
One reminder that never goes out of fashion is to remind customers to do simple things such as making sure passwords are not easily cracked and don't contain obvious things such as the word "password." Customers should also incorporate other preventative measures such as regularly checking account balances, card activity and even credit reports for odd entries.
As customers continue to embrace more and more online and mobile banking applications it is important to continuously look for ways these programs could potentially be compromised and to educate users about possible pitfalls. Doing so is just another way your bank can demonstrate you are looking out for your customers' best interests.