Mobile Financial Services

• Create a complex passcode for your mobile devices. Avoid using personal information (e.g., names, dates, etc.) in your passcodes. Do not share your passcodes with anyone.
• Enable available security features, such as biometrics (e.g., fingerprint scanner, facial recognition, etc.), auto-wipe after a number of failed passcode attempts, and auto-lock after a certain amount of time.
• Keep your device up to date. Install new updates as soon as you can to fix any identified security vulnerabilities.
• Do not root, jailbreak, or otherwise circumvent security controls on your device. Install anti-malware, when possible.
• Lock your devices screen anytime you are not using it, so it must require authentication before the device can be used again.

• Download and install mobile apps only from trusted sources authorized by the device manufacturer, such as the App Store, Google Play Store, or Microsoft Store.
• When possible, require authentication to download mobile apps to prevent unauthorized installation.
• Protect yourself from fraudulent mobile apps by watching for signs like typos, poor image quality, formatting issues, low download number, or negative user reviews. Review other mobile apps created by the app developer to validate the application's legitimacy. 
• If possible, create a passcode on mobile applications which can access your personal information (e.g., mobile banking services).
• When finished with a mobile app, always "Sign Out" or "Log Off" rather than just closing it.

People are trying to steal your personal information. Remember to be on alert for the following types of threats to your mobile financial services. 

• SOCIAL ENGINEERING Phishing is a social engineering tactic used to obtain personal information by masquerading as a trustworthy person via email, text message, or phone call.
• UNSECURE NETWORKS If you can connect your phone to a wifi network without entering a password, unauthorized individuals can, too. Do not use your mobile device to transmit sensitive data on unsecure networks. 
• COMPROMISED WEBSITES Watch for potentially compromised websites. If the website has an error or your browser gives you a warning about the site, use caution. 

    When in doubt, do not click.

• Access the organization’s mobile banking site here
• Do not type your mobile banking username or password into a site other than this one. Download the official mobile application from the App Store or Google Play Store. Search for the following name: STONEHAMBANK
• The financial institution’s public website contains direct links to the application. Visit our website at: www.stonehambank.com 
• Do not download the organization’s mobile app from other app stores, as those have not been authorized and the application may be compromised.