90% of mobile banking apps have security problems
90% of mobile banking apps have security problems
Do you use the mobile app offered by your bank to make deposits or to
handle other transactions? You might not be so eager to use it next time
after hearing about the results of a recent study. Ariel Sanchez of IO
Active Labs used his Apple iPhone and Apple iPad to test out mobile
banking apps, and found that 9 out of 10 have a security problem. When
dealing with your money, those are not the odds that you want to see.
Sanchez tested 40 of the world's 60 "most influential banks" and found
that some mobile banking apps allowed crooks to devise forms for
phishing. In other words, you could receive an email from the bank that
looks official, asking you for personal information. But instead of
going to the bank, the info goes to criminals using the information you
give them for evil purposes. Amazingly, 70% of the mobile banking apps
did not have an alternate method of authentication which could help
guard against impersonation of customers.
Most of the apps can easily disclose your authentication information
through the Apple system log. Using an iPhone Configuration Utility
tool, this information can come tumbling out of an application dump.
Nice, huh? And 20% of the apps sent out security codes through plaintext
communication heightening the possibility that confidential information
could be intercepted and used to drain your account. Some banks are
using an unencrypted database to store your confidential information.
No comments:
Post a Comment