YOU see them everywhere: people hunched over their smartphones or tablets in cafes, airports, supermarkets and even at bus stops, seemingly oblivious to anything or anyone around them. They play games, download email, go shopping or check their bank balances on the go. They might even access corporate networks and pull up a document or two on their mobile gadgets.

But as wireless devices become increasingly ingrained into the daily lives of Americans, they open the door to heightened security risks. Not only do such devices become points of access for cybercriminals, but they also may be more easily breached than personal computers since many consumers do not secure their smartphones or tablets with antivirus software or take simple precautions such as enabling password protection.

According to a Harris Interactive survey commissioned by CTIA, a wireless trade group, less than half of all wireless device owners use passwords or personal identification numbers (PINs) on their handsets, a much smaller percentage than computer users. Among those who conduct online banking on mobile devices, only half encrypt the data or use some form of security software.

Many risks

Moreover, less than a third of users have installed antivirus software on their mobile devices compared to 91 percent on their laptops. This may explain why: 45 percent do not see cybersecurity on their mobile devices as a threat in the same way as they see it on their computers, according to the survey, which was released in May.

The dangers, of course, are plenty. Rogue mobile apps can record the information that users type into a device, such as bank account numbers and PINs, according to CTIA. They can read data stored on a handset, such as e-mails, text messages, attachments, credit card numbers, and log-ins and passwords to corporate networks.

A phone can even secretly record conversations within earshot. Data that leaves a mobile device wirelessly to connect to a wifi network could be hijacked in midair in "man in the middle" attacks. Malware can transmit this information to hackers, including those in foreign countries.

Consumers may not be as concerned about securing a wireless device because they do not view it as a small computer.

The risks are transferred to the workplace as more people bring their devices to the office for both personal and professional use, a phenomenon known as BYOD or "Bring Your Own Device."

Workers may unwittingly contaminate the corporate network if one or more of their personal apps contain malicious software.

The problem is expected to grow as people step up their use of wireless devices.

By 2015, more Americans are expected to access the Internet through a mobile device than a PC, according to CTIA. In the US, a third of the population currently uses smartphones.

The new trend of using mobile wallets opens up another area of risk for the wireless consumer.

With Google Wallet, consumers can use smartphones equipped with near field communication (NFC) chips to tap and pay for purchases. Their credit cards are stored on the phone. ISIS, founded by AT&T, Verizon Wireless and T-Mobile, offers a mobile wallet with tap-and-go functionality as well. Others offering mobile wallets include Square Wallet, LevelUp and Paydiant.

A complex environment

Attacks on mobile wallets occur chiefly through smartphones. Tablets are mainly used for consuming media like video, games and e-books, and for accessing the web. Smartphones are more often used for mobile financial transactions, checking e-mail, text messaging and voice calls.

As such, the threat to these devices is based on how they are being used by consumers or employees. However, tablets can be easier targets for criminals, because 73 percent of them connect to the Internet exclusively through wifi networks, compared to 12 percent for smartphones, the CTIA survey said.

Before smartphones and tablets took off, mobile telecom carriers controlled every aspect of the original 10-number keypad cell phone, according to a report by CTIA. They ran closed operating systems; there were no apps or an apps marketplace; phones had limited processing power; the network and content existed in a cordoned off "walled garden," and data speeds were slow.

Today, smartphones, tablets and other wireless devices run in both closed and open operating systems, app stores offer more than a million mobile apps and handsets boast heavy duty processing power, better resolution, larger screens and full access to the web. Meanwhile, carriers are investing billions of dollars to speed up wireless networks and carry heavier data traffic.

The result is that consumers and employees can perform far more complicated tasks on their handheld devices, and at a faster pace than ever before.

In a BYOD environment, corporate IT staffs have to contend with many more devices for each employee, instead of just a desktop, laptop computer and feature phone.

Businesses are used to securing computers that run on Windows or Mac operating systems, but now they also have to deal with iOS, Android, Windows Phone, BlackBerry, Symbian and others.

System administrators can vet software that is downloaded to a company computer. But it is tough to do the same with mobile apps.

Companies can deal with cybersecurity threats by setting up mobile device management policies, says John Marinho, CTIA's vice president of cybersecurity and technology. These include using virtual private networks, or VPNs, encrypting data in transit and requiring passwords on all devices. However, IT departments are not fully aware of what company employees are doing.

Other ways to mitigate the risks include implementing a "permitted use policy" and training employees on the consequences of using their devices without giving much thought to security.

Adapted from China Knowledge@Wharton,http://www.knowledgeatwharton.com.cn. To read the original, please visit: http://www.knowledgeatwharton.com.cn/index.cfm?fa=article&articleid=2804