NEW YORK (TheStreet) -- If you can't find a wireless hotspot in an urban area these days, you're not trying very hard. According to the Wireless Broadband Alliance, their numbers will grow from 1.3 million in 2011 to 5.8 million globally through this year.
For banking consumers who use mobile apps to conduct financial transactions, the growth of Wi-Fi hotspots is actually chilling, whether they know it or not.
Unlike home-based wireless services, which usually encrypt the data sent from mobile phones, tablets and computers, public Wi-Fi hotspots typically leave users susceptible to having their email, bank account and credit card data taken by identity thieves.
According to Javelin Strategy, 13.1 million Americans were victimized by identity fraud last year -- a rise of 500,000 from 2012. More worrisome, account takeover fraud, which significantly affects bank consumers, accounted for 28% of all identity theft.
Technology providers try to keep pace with identity thieves, but on the Wi-Fi hotspot front those efforts fall short.
According to the data security firm SecureLabs, cyber thieves can buy a $100 "malicious Wi-Fi router" that gives access to any data sent through a public hotspot to intercept passwords and manipulate payment transactions.
Technology industry standards groups are asking banks and technology companies to adhere to tougher security standards, and SecureLabs, in a study in its native Netherlands, concluded that "as long as all online banking websites and browser vendors are not embracing the new security standard, the SSL Web security can be easily bypassed with a cheap and easily assessable Wi-Fi hotspot."
Yes, the SecureLabs study is a small one, and more data need to be collected and disseminated by the banking industry and by technology providers.
But ID thieves are a smart bunch, and once they realize a $100 investment in Holland can work in New York City and San Francisco too, those malicious Wi-Fi routers will come into play.
It's best to avoid using public Wi-Fi hotspots to conduct banking business, or even to make purchases with a tablet or mobile phone. Also, ask your financial institution about getting extra layers of security to better protect your data (most banks offer stronger data security levels) and to place a note on your bank checking savings and credit card accounts that you will never provide your Social Security number as a form of authentication.