In the shortest possible answer is Yes, it is safe to use. I would also like to add some of the claims that SBI states “This includes complying to SSL/TLS1.2 standards and strict internal data encryption mechanisms.“
Still confused it’s just the starting, we will dig down deep into this. Interested read ahead then. First and foremost is that not a single technology or software exists that is not vulnerable.
Overall many factors contribute to security. Like using patterns, biometric scans, pins and also tightly industry-standard secured passwords.
Still Reading, would you like to read some more about SBI convinced right? alright if not follow the whole article.
- How to update Email-id in SBI online ?
- How to change MPIN of yono sbi ?
- How to check account type in SBI ?
Why YONO is safe even if it isn’t ?
SBI is one of the largest banks in the world that comes under 50 list by total asset size (2020 report).
This takes us to the next chapter where we discuss why it is a safe option to chose. As you know that every popular thing is the favourite spot for hackers to target.
SBI has around 44.89 crore customers. So SBI has a lot more concern than any user to protect its customer details.
Also as noticed when writing this blog, and almost consistency of 2 updates are served but still, user’s reactions are average and maintaining a 4 star overall.
That rating may vary and can be due to unsupported devices or due to a lot of crashes and bugs but still considering security first.
What are the differentiating security features ?
It’s not possible to ignore that SBI is the best bank among the government banks in India. And that too because of the features that make it best.
Like one of the features from that is cardless cash withdrawal from ATM’s. Here is a short demo video by SBI.
This is an incredibly clear implementation by SBI to remove any card usage in ATM’s to avoid skimming. So isn’t it a major security feature added by SBI?
Now, coming back to the app’s security levels:-
- MPIN Login
- Profile Password
- Transaction Password
No need of 3rd party UPI Apps
SBI has this very good feature of BHIM UPI, moreover, SBI’s UPI has a much better presence than any other banking app. So if that’s a concern for you to link any 3rd party app with your bank then for SBI’s own @sbi UPI id.
Use of MPIN to Login
Yes, this may not be a clearcut secured level but it’s mainly used in checking account balance and logging into the App fast.
Also, this level restricts customers only to view non-essential information such as account number, balance, statements, credit cards(without details), name, DOB, phone no, Aadhaar(encrypted form) etc.
Use of Profile Password
The profile section is a bit restricted and can be unlocked only using a profile password. This password can include at least one alphabet, digit, Uppercase, lowercase, a special character with at least 8 characters.
But as an example, this level unlocks sections like ATM/Debit Card, changing/removing MPIN etc. So some of the features or a non-transactional function would require this password.
Lastly, what’s the use of Transaction Password
In the case of a Transactional password, it is only used in the case of confirming payment. For example, if a person enters into transferring funds he/she needs to enter a profile password, enter the amount and then a request will process at that time the transactional password will be asked along with an OTP.
SBI Yono also provides the facility to enable a biometric authentication system to higher a customer’s own security that option can be enabled from the settings.
There is a very good option also inside yono which is called manage transaction rights which mainly focuses on users who can select
- Full Transaction Rights
- Limited Transaction Rights
- View Only Rights
So using the 3 options you can further secure your account by restricting its features accordingly.
OTP in full form is called a one-time password and as the word defines itself that it is a unique and one time generated password that is sent to the customer’s registered phone number to verify the customer in realtime so even if a customer’s account is stolen it would be next to impossible for the attacker to exploit the account if an OTP is not there with the attacker.
However, it is common among all the other banks, that it would not allow a user to log in until the app gets updated to the latest version. And the same thing is applied on yono too to secure its users.
That’s not all but consistently providing updates will further provide better security to the customers.
Upto what level it is secure ?
According to Sevenbank, a bank must pass some of the minimal essential qualities of security measures to be called a secured bank.
Some qualities like prevention of –
- Unauthorized access
- Phishing scams
- 3rd party spoofing
- Logon details
- Unauthorized use etc.
And State bank and its app yono bear such security measures to secure its customer’s data. And also can be said the safest among the public sector banks at least for now.
Such bank with the highest CASA rate has still some loopholes and needs to be fixed as customer increases. But as of now, the question arises up to which level it’s secure.
Now to answer the above question, I would like to remind you of all the security measures the bank takes. But in this case, the customer’s responsibility is also required.
Because we often hear such cases of fraud and money laundering cases and 90% of cases happen due to customer’s inability to manage their own accounts.
How ? when a customer shares their OTP, PIN, Password or any sensitive details to a stranger who can access the accounts without bypassing any security protocols.
I serious note from BanksForYou is that never share your OTP, PIN, CVV or any sensitive data to your friends, family or to any kind of stranger who claims to be from the bank itself.
Yono asks for some important permissions like location, phone, SMS etc. But you can customize the permissions as you like maybe you can deny some and allow the rest or you can even allow all or in some latest mobile OS there is an option to use these permissions while the app is on.
Also, many users posts their details in the comment post please avoid revealing details about your account and instead try to ask the question only.
Ok if almost everything is covered let’s start a quick FAQ then-
Yes, the yono is developed and owned by SBI and meets the advanced security standards of an application.
Moreover, SBI has developed its mobile application for mobile users so customers can use its online banking facility over desktop(Online SBI) and over mobile using YONO.
No, currently Yono is free for all SBI customers and solely available for SBI online customers. Also to note that the minimum balance, charges are the same as SBI charges and the limitations too.
Both applications are approved and tested well but in terms of 3rd party interference, Google Pay works on UPI and UPI is provided by banks only so SBI YONO is safer as the bank itself provides UPI itself.
No that's not true, as every bank faces data breaches some faces large and some fewer data breaches and the bank is liable itself for any damages, but due to the recent Indian govt. policies only up to a certain amount will be paid.
Moreover, there are no security breaches that are made from mobile applications but hackers target databases of the banks.