How to Protect Yourself While Using Shopping Apps
A smartphone can do a lot of things. For many of us, they have become an extra appendage, a tool that we can't get through each day without.
Not only do smartphone apps enable online shopping, but an increasing number of people have been using apps to help them shop in brick-and-mortar stores. Even if you haven't used one yet this holiday season, the deep discounts of the post-Christmas clearance sales may be tempting.
Many smartphone apps built for offline shopping, such as Shopkick, Foursquare, Facebook's Nearby feature and the recently launched Shopular, come with geolocation tools to help you find the best deals in your local mall.
The bad news is that smartphone shopping apps can also help identity thieves and physical robbers. The signals your smartphone sends out while you shop make you an attractive target for criminals both online and offline.
Not on your laptop any more
The first thing to consider when using your smartphone to shop is that you don’t have as much protection from malicious code as you would on your laptop.
If you don’t have a mobile anti-virus solution on your phone, then you're leaving your credit-card information on an unsecured device.
If you add the risk of simply losing your phone, or having it taken from you in a public place, you can begin to see why storing financial data — including credit-card information — on your mobile devices can be a tricky proposition.
By adding the geolocation features built into your shopping app, you may find the best deals near you, but you're also giving out the location of your device.
Geolocation technology works by sending out an active signal to seek its location. Those can be picked up by anyone with the right wireless receiver.
A password lock won't protect you, either, not when methods to bypass it are common knowledge.
"It’s on Google," said Jerry Irvine, chief information officer of Prescient Solutions in Schaumburg, Ill., and a member of the National Cyber Security Task Force. "Just search for how to hack an iPhone, or whatever device, and you’ll find instructions."
Your mobile device's default settings instruct it to locate the nearest Wi-Fi network and offer to connect.
For smartphones, this is designed to help the end user save on data costs. If you have a tablet without a data plan, then Wi-Fi is your only connection option.
The problem with doing your shopping on a publicly available Wi-Fi network is that it is publicly available. This means that anyone can access it — or even simulate it.
"Mobile devices can be used as proxies for wireless," Irvine said. "It looks like you are on the mall Wi-Fi and you think you are, but really all of that data is being intercepted before it goes on, in a man-in-the-middle attack."
Using geolocation-enabled apps on a local Wi-Fi network to get the best deal sends out signals each time you use it, making you a more likely target. If your app gives you deal alerts for your local area, then those signals are going out without your knowledge.
You'll be safer sticking to your wireless carrier's network, even if it does eat up your data allotment.
Shopping apps aren't always safe
If you think using a shopping app will help you find bargains, you may be wrong. Any app that stores your credit-card information, or any of your personal data, puts that information at risk.
As for using social networks while shopping in the mall, think twice. Showing off your location, along with your shopping habits, is less than ideal because it allows those with malicious intentions to better target you.
Remember that any time you put information about yourself on a social network, you lose control of who can see it. If you tell the world you're shopping for a big-ticket item, you tell the world you've got a lot to spend.
Adding your location to the mix makes you a target not just for hackers, but for muggers as well.
But if you absolutely have to…
If you are going to shop online or in the mall with your smartphone, you're going to have to be smart about it. Aside from avoiding apps that store your personal data and sticking to your cellular carrier's data services, what can you do?
You can do a surprising amount. First and foremost, make sure you deal only with stores you know well. Be wary of too-good-to-be-true situations: You may have found a desirable item for 75 percent off, but if the retail site is shady, you may end up getting a lot more than you bargained for.
Skip the dedicated apps and use the Web browser instead. That way, less of your personal data will be stored on your phone at any given time. Just be sure that you log out of each shopping website after you're done with the transaction.
When it's time to pay online, try using a third-party service such as PayPal so that you don't actually give out your credit-card or debit-card information.
Otherwise, use a prepaid debit card or a low-limit credit card that you use only for shopping online. If the number's stolen, your risk will be limited.