Mobile Banking Apps For iOS Woefully Insecure

Posted by Soulskill on Friday January 10, 2014 @11:06AM from the raise-your-hand-if-you're-surprised dept.

msm1267 writes "Mobile banking applications fall short on their use of encryption, validation of digital certificates and two-factor authentication, putting financial transactions at risk worldwide. An examination of 40 iOS mobile banking apps from 60 leading banks worldwide revealed a slew of security shortcomings that also included hard-coded development credentials discovered during a static analysis of app binaries. It's a mess, and to date, most of the banks have been informed and none have provided feedback indicating the vulnerabilities were patched."

3 of 139 comments (clear)

Min score:

Reason:

Sort:

these guys pushed the 4 digit pin by RichMan · 2014-01-10 11:22 · Score: 5, Funny

The banking people made the glory of the 4 digit decimal PIN authentication a universal standard.
I am sure they know all about very secure systems and the public domain.
I'm shocked. by binaryhermit · 2014-01-10 11:38 · Score: 2, Funny

Banks doing something insecure? What's next? The government capturing all internet traffic in the name of stopping terrorism?
It's in the repo by Anonymous Coward · 2014-01-10 11:42 · Score: 2, Funny

Try "yum install logkeys"