Mobile Banking Apps For iOS Woefully Insecure 139
msm1267 writes "Mobile banking applications fall short on their use of encryption, validation of digital certificates and two-factor authentication, putting financial transactions at risk worldwide. An examination of 40 iOS mobile banking apps from 60 leading banks worldwide revealed a slew of security shortcomings that also included hard-coded development credentials discovered during a static analysis of app binaries. It's a mess, and to date, most of the banks have been informed and none have provided feedback indicating the vulnerabilities were patched."
You Must Be Crazy ... (Score:5, Interesting)
Re:You Must Be Crazy ... (Score:4, Interesting)
Re:You Must Be Crazy ... (Score:5, Interesting)
Who's writing keylogging malware for CentOS?
Re:feedback (Score:2, Interesting)
Most of these banks are contracting mobile development out.
I would bet that 80% of these 60 banks are buying the same moderately customized app(s) from the same vendors.
I would also suspect there will be similar flaw with the android versions.
Given that most banks don't have any in-house mobile development, they are probably all descending on
the few vendors that wrote and customized these apps, an they will all get fixed about the same time.
Re:feedback (Score:5, Interesting)