Given that we're taking our phones out of our pockets in countless situations these days, the loss of control over them increases significantly. In these cases, the first step is to use remote blocking tools to prevent anyone from using it, and change the passwords for your bank account and your Apple ID or Google ID. If the attacker still manages to unlock access to your phone, as we've already mentioned, your banking identity is protected to the extent that card details cannot be accessed from it, although they could still make payments with it.
To mitigate this risk the advice is:
- Activate biometric authentication on your mobile device (facial recognition or fingerprint) to log in on your mobile device and authorize any in-person payments.
- Don't save screenshots or passwords on your smartphone or in the cloud unless you're safe. If they get hold of this data—and believe me, they can—we're doomed. We'll explain how cybercriminals do it later.
- Keep your operating system and banking app up to date to protect against the latest security vulnerabilities that have been detected.
And, although it doesn't apply to in-person payments, it is important in general terms because that's where fraud is most prevalent: in online payments. In these cases, it's very important:
- Activate Strong Customer Authentication (SCA) or, in other words, two-step authentication: Something you know + something you have (PIN + SMS code), or something you know + something you are (PIN + biometric authentication).
- Avoid making online transactions with public networks.