Safe Shopping on Your Smartphone

Smartphones are all about instant gratification. Want to listen to a song you can’t get out of your head? Tap, tap, done. Get a stock quote? Tap, tap, done. Video-chat with a faraway loved one? Tap, tap--you get the idea.

And here’s where it really gets fun. Did a friend just recommend an amazing book? Gone are the days of hunting for a bookstore — now you just tap, tap, and order. Same goes for buying a cool scarf you just saw someone wearing, preordering the Blu-ray version of the movie you just watched, or even ordering a pizza to pick up on your way home from work.

Awesome as that kind of instant gratification can be, it pays to be cautious when conducting commerce by smartphone. Security risks are just as prevalent in your pocket as they are on your PC, which is why you should never tap, tap, buy without a safety net.

For example, suppose you’re browsing your Facebook feed when you see a friend’s status update: “Wow, this is so cool, check out this link!” So you tap the link, and land at a mobile website for what looks to be a legitimate (and, admittedly, cool) product.

Well, your friend recommended it, so you decide to tap out your credit-card number and buy one. Just one problem: You’ve been had. Your friend’s Facebook feed was hijacked, and that link took you to a phishing site. Your smartphone’s browser didn’t know that, meaning you just hand-delivered your Amex number to a criminal.

Similar threats can appear in text messages, email, and even those QR codes you snap with your smartphone’s camera. And even if you don’t supply any personal information, a nefarious site might be able to exploit a vulnerability in your browser, one that could expose your phone to viruses and other malware. It could even steal your information without your knowledge.

This is scary-sounding stuff, but you can rest easy — and shop safely — by putting security software on the job. The best smartphone security software can automatically block unsafe links inside email, text messages, and sites like Facebook and Twitter.

At the same time, it can protect you against potential phishing sites, block browser exploits, and spot malicious QR codes. Look for app-protection features as well, meaning only the apps you authorize are granted access to your contact information, location, and other private data.

For extra-strength protection, add a safe-search plug-in to your browser, one that will instantly vet all search results and let you know which ones are safe to click (or, in this case, tap).

An Amazon app displaying recommendations for the user.

By now you might think it wise to avoid browser-based shopping altogether, instead relying on the apps offered by vendors like Amazon, eBay, and Groupon. Sure enough, these apps offer an extra layer of security by linking directly to your existing accounts — meaning you don’t need to enter a credit card number when you buy something. That data is already securely stored elsewhere.

Alas, not all stores have their own apps, so there are times when your browser will be your only available gateway to what you want to buy. In such cases, make sure the purchase page(s) use encryption by looking for https in front of the URL.

That said, it’s always a good idea to keep close tabs on your credit card activity. Many banks can send you email or text notifications of suspicious activity, and fraud-monitoring services (including those from the Big Three credit reporting companies) can notify you of credit card abuse. That’s another kind of instant gratification worth tapping.

For comprehensive coverage of the Android ecosystem, visit Greenbot.com.

Subscribe to the Best of TechHive Newsletter