Is it Secure?

Mobile Security

Is it secure?

Yes, the mobile banking service utilizes best practices from online banking, which includes security procedures for electronic banking transactions which are commercially reasonable and application time-out when your mobile device is not in use. Only the mobile devices that you personally enroll in the service can access your accounts. In addition, no account data is ever stored on your mobile device. And in the event your mobile device is lost or stolen, the service can be immediately disabled by either going online to the Mobile Banking enrollment website or calling us.

Mobile Banking Security Tips


  • Set a strong account password that has at least 8 characters with at least one number, at least one lower case and one upper case letter and at least one special character. Do not use your name, birth date or other easily identifiable personal information in your password to avoid hacking.
  • Treat your phone like a computer by downloading security patch updates and antivirus software on your phone. Android® offers this software for users
  • Always secure your phone and SIM card (subscriber identity module) with a password. If your phone is ever lost or stolen, it will protect your private and secure information
  • Only download applications from trusted sources. Make sure to download updates regularly, as often times these include fixes to security flaws
  • Read an application’s privacy policy to be aware of what they are doing with your private information
  • Take note of pop-up notices and other alerts that may be warning you about security issues or leaving trusted sites
  • Delete text messages from your bank once you’ve read them
  • Always log off completely after using a mobile banking site or application
  • Make sure to clear out all information on your phone before discarding it
  • Modify the phone's settings so that only messages from authorized numbers are allowed
  • Bookmark the bank’s mobile web site and only use this bookmark to access the site to avoid phishing
  • Avoid using unsecured, public WiFi networks to access financial accounts with mobile devices
  • Always use your cellular network when conducting mobile financial services
  • Add the bank’s short code and customer service phone number to your contacts and only initiate SMS and phone calls from your contact list. Do not reply to SMS messages that do not exist in your contact list.
  • Use the auto screen lock on your mobile phone to prevent unauthorized access to your information.
  • Consider utilizing apps such as Find My iPhone® and Find My Droid to find your lost or stolen phone.
  • Keep your Bluetooth turned off by default and use only when necessary. Make certain that Bluetooth is turned off when conducting any mobile banking transactions/inquiries. Devices with Bluetooth enabled by default and ‘always on’ may present a target for exploitation and interception of data which can be done undetected (Bluesnarfing).
  • Report any problems or suspicious incidences surrounding Mobile Banking directly to your bank.


  • Send your personal information or online banking credentials via email or text, as both are easy to intercept
  • Enter personal information unless there's an “s” after http, which indicates that the site is secure. Also, look for security symbols such as an icon of a lock
  • Bank or shop online while on a smartphone when using unsecured, public WiFi access
  • Set your phone settings to auto-fill User ID's or Password information
  • Click on any links in emails that claim to be from your bank. Instead go to your bank's website directly to log in
  • Click on links in SMS messages unless you initiated the SMS conversation with your bank
  • Call phone numbers not in your contact list. If you are unsure about a phone number, you may text “Help” to your TB&T short code (79680) and compare the phone numbers. Only call the numbers in your Help response or in your contact list to avoid Vishing
  • Jailbreak your smartphone. Jailbreaking (a method of ‘self hacking’ in order to gain full access to all features of the technologies of smartphones) is dangerous and makes your smartphone extremely susceptible to malware, viruses and other malicious programs.

Finally, know that Troy Bank & Trust will not ask customer to provide confidential information over an email or SMS message

With most mobile devices lacking the personal firewall, anti-virus software and other protections common today on personal computers, these devices can be vulnerable to a variety of security threats, including:

Malware: A term for “malicious software” that is inserted into a system, usually covertly, with the intent of compromising the confidentiality, integrity or availability of the victim’s data, applications or operating system, or otherwise annoying or disrupting the victim

Phishing: Luring unsuspecting customers to provide sensitive personal information or downloading malware through an email. Popular scams including phishing emails that appear to be coming from a FI and contain a link to a spoofed website; the site tricks victims into logging in using their personal credentials, which are then captured by the criminal.

SmiShing: A contraction of “SMS and phishing”, in which criminals pose as a FI and use SMS in an attempt to gain access to confidential account information. The typical scam informs the mobile device owner that the person’s account was compromised or credit/ATM card was deactivated. The victim is directed to call a phone number or visit a spoofed website to reactivate the card. Once at the website or through an automated phone system, the victim is asked for card, Pass code and/or account numbers.

Vishing: A contraction of “voice and phishing”, in which victims are tricked into disclosing sensitive personal information through a phone call or voice response unit (VRU).


You are leaving Troy Bank & Trust

By clicking Continue, you will be taken to a website that is not affiliated with Troy Bank & Trust. Please be advised that you will no longer be subject to, or under the protection of, the privacy and security policies of Troy Bank & Trust's website. We encourage you to read and evaluate the privacy and security policies of the site you are entering, which may be different than those of Troy Bank & Trust.


Unsecure Email Disclosure

Your privacy is very important to us. We would like to advise you that Internet email is not a secure method of communication. Please do not submit any information that you consider confidential. We recommend you do not include any specific identifying information such as your social security, account, PIN numbers, date of birth, etc...


Affiliate Website Notice

By clicking Continue, you will be taken to our affiliate's website. Products and services offered shown will be provided by our affiliated entity. Some products offered may not be FDIC insured. Please read the privacy and security policies on our affiliate's website. In some instances, these policies may differ from those of Troy Bank & Trust Group.