Tax season is almost always unanimously linked with unhappiness. Piles of crumpled receipts, coffee stained forms, and wasted weekends spent itemizing every purchase are just some of the unpleasant activities that are associated with this time of the year. Like many previously arduous tasks, mobile technology has made life a lot easier for many people, including those doing their own taxes. Companies like TurboTax and TaxSlayer created mobile apps with the intention of helping customers submit receipts, check on refunds, and much more.
But, you know what they say about good intentions…
The reality certainly rings true when it comes to using mobile apps for sensitive financial and personal activities. Oftentimes, usability and visually appealing interfaces are prioritized far above security precautions. In April, a Hewlett-Packard (HP) audit revealed that more than 90% of popular mobile tax and finance apps contained at least one potential security violation.
The flaws discovered by HP ranged from irksome to down right alarming, including accessing contacts, tracking a user’s location, storing sensitive data unencrypted, insecurely transmitting data, and unsafe cookie practices. In addition, many of these apps use data encryption methods that are known to have weaknesses—and you can guarantee that if the security industry knows about them, so do the hackers.
One of the biggest concerns with using mobile apps to store and perform sensitive financial activities is the potential connection to third-party storage. Users today often take the ability to share data seamlessly between mobile and desktop accounts for granted, but these features are normally made possible through cloud services. Checking the status of your tax refund on your mobile device is great, but accessing that information via digital pathways can also create many extra chances for someone to get ahold of Social Security and credit card numbers.
Like so many app safety issues we have covered before, consumers need to be aware of the app security limitations when it comes to storing financial and personal data. It is crucial to always review what information an app will have access to when downloading anything new, and once installed, users should also periodically check what data those apps are using.
Whether you are sending risky photos to a significant other through a chat app or checking your bank account, mobile app promises of security need to be taken with a grain of salt. This HP audit reveals again that in reality, the responsibility of user safety lies with the consumer instead of the companies that create the app.
In order to help keep personal information out of the wrong hands, it is important to be discerning about what gets stored on mobile phones and tablets—no matter how convenient or pretty the app. Additionally, extra security precautions like PIN codes and mobile security apps like McAfee Mobile Security for iOS and Android can go a long way towards keeping prying eyes out.