Do you use the mobile app offered by your bank to make deposits or to handle other transactions? You might not be so eager to use it next time after hearing about the results of a recent study. Ariel Sanchez of IO Active Labs used his Apple iPhone and Apple iPad to test out mobile banking apps, and found that 9 out of 10 have a security problem. When dealing with your money, those are not the odds that you want to see.
Sanchez tested 40 of the world's 60 "most influential banks" and found that some mobile banking apps allowed crooks to devise forms for phishing. In other words, you could receive an email from the bank that looks official, asking you for personal information. But instead of going to the bank, the info goes to criminals using the information you give them for evil purposes. Amazingly, 70% of the mobile banking apps did not have an alternate method of authentication which could help guard against impersonation of customers.
Most of the apps can easily disclose your authentication information through the Apple system log. Using an iPhone Configuration Utility tool, this information can come tumbling out of an application dump. Nice, huh? And 20% of the apps sent out security codes through plaintext communication heightening the possibility that confidential information could be intercepted and used to drain your account. Some banks are using an unencrypted database to store your confidential information.
Hopefully the financial institutions look at the report and make the necessary changes. Look at
what happened to Snapchat when it didn't listen to a security expert. Right now, using a mobile banking app would appear to be akin to playing Russian Roulette with your money.
9 out of 10 mobile banking apps have security holes
source:
IOActive via
BGR
12 Comments
1. Jommick
Posts: 221; Member since: Sep 10, 2013
posted on Jan 14, 2014, 12:07 PM 4
10. joey_sfb
Posts: 6794; Member since: Mar 29, 2012
posted on Jan 14, 2014, 5:52 PM 0
2. InspectorGadget80 unregistered
posted on Jan 14, 2014, 12:23 PM 0
6. Augustine
Posts: 1043; Member since: Sep 28, 2013
posted on Jan 14, 2014, 2:25 PM 0
9. Jayshmay
Posts: 82; Member since: Mar 27, 2011
posted on Jan 14, 2014, 3:21 PM 0
12. Droid_X_Doug
Posts: 5993; Member since: Dec 22, 2010
posted on Jan 15, 2014, 12:21 AM 0
3. Aplusk
Posts: 120; Member since: Nov 10, 2013
posted on Jan 14, 2014, 12:26 PM 0
4. axllebeer
Posts: 272; Member since: Apr 05, 2011
posted on Jan 14, 2014, 12:34 PM 0
5. bubbadoes
Posts: 1225; Member since: May 03, 2012
posted on Jan 14, 2014, 1:18 PM 0
7. Augustine
Posts: 1043; Member since: Sep 28, 2013
posted on Jan 14, 2014, 2:27 PM 0
8. DukeX
Posts: 327; Member since: Aug 28, 2013
posted on Jan 14, 2014, 2:31 PM 2
11. Edmund
Posts: 656; Member since: Jul 13, 2012
posted on Jan 14, 2014, 8:12 PM 0
PhoneArena Comments Rules
A discussion is a place, where people can voice their opinion, no matter if it is positive, neutral or negative. However, when posting, one must stay true to the topic, and not just share some random thoughts, which are not directly related to the matter.
Things that are NOT allowed:
Moderation is done by humans. We try to be as objective as possible and moderate with zero bias. If you think a post should be moderated - please, report it.
Have a question about the rules or why you have been moderated/limited/banned? Please, contact us.
Comments Options
Report Post
Send a warning to post author
Send a warning to Selected user. The user has 0 warnings currently.
Ban user and delete all posts
Message to PhoneArena moderator (optional):