How to keep your mobile wallet secure

'Even if your phone goes missing for 15 minutes, be warned.'
With e-wallets playing a larger role in transactions, these precautions are a must, says Sanjay Kumar Singh.

In the wake of demonetisation, technology has become key to financial transactions. And, e-wallets are becoming a major vehicle to the new cashless way of life.

To facilitate bigger transactions, the Reserve Bank of India has recently increased the limit of e-wallets to Rs 20,000 a month.

The Securities and Exchange Board of India is also likely to allow mutual fund investments through e-wallets, say reports.

Amid all this action, it is important for consumers to be more careful in the way they use this mode of payment.

To a large extent, the safety of a mobile wallet depends on the way a user manages his phone.

"If the phone becomes vulnerable, so does the wallet. If the phone gets infected with malware, the wallet is at risk. If you download apps and games from unauthenticated sites on your phone, or don't install an antivirus on it, your phone will become vulnerable to a malware attack," says Rohit Srivastawa, senior director (cyber security and education) at Quick Heal.

Your phone also becomes vulnerable when you lose it.

While this was a serious issue earlier, with so much of personal data being stored on a phone, it has now become critical.

• One basic precaution every user must take is not to leave the phone unlocked. Use a password, PIN or pattern lock to prevent unauthorised access.
• If the phone gets stolen, first get the SIM card blocked and then call the wallet service provider to block transactions from that device.
• Nowadays, locking utilities (such as AppLock) are available. They allow you to put all the sensitive apps on your mobile phone, including the mobile wallet, in one folder to which you can then apply a password. Such utilities provide a second level of protection: there's a password for the phone, and now you also have a password for access to the app.
• Even if your phone goes missing for a while, say 15 minutes, be warned. Check if any financial transactions was done during that period. Hackers can, within that short span, install malware on your phone, which would allow them remote access to sensitive financial data.
• Just as you install an antivirus software on your PC, it has now become imperative to install one on your phone or tablet also. It will protect your device against a virus or malware attack. Subscription to an anti-virus software for phones and tablets would cost you about Rs 300 to Rs 1,000 a year.

Experts recommend that you should avoid selling old phones.

"Even if you have deleted all the data from your phone, today software and other utilities are available that can be used to retrieve photos, messages, and critical financial data from your device," says Srivastwa.

Finally, use only one card for loading the wallet.

"It is best to use a prepaid card for loading the wallet as the amount of money at risk will be limited," says Shomiron Das Gupta of NetMonastery, a threat management provider.

"If you use a debit or credit card," he recommends, "use only one card all the time. That way even if your account is hacked, only one card's data will be stolen."