20131212-BankAppsWeak

12/12/2013 80% Mobile Banking Apps Weak

About 51% of US adults bank on line. 32% use mobile banking according to a Pew Research Center report in August 2013. Many of them used ready-to-download Apple iOS and Android banking applications. 8 of 10 of those were improperly configured leaving significant security vulnerabilities.
 

Security experts this month [December 2013] tested 275 Apple iOS- and Android-based mobile banking apps from 50 major financial institutions, 50 large regional banks, and 50 large U.S. credit unions. Overall, they found that eight out of 10 apps were improperly configured and not built using best practices software development. Among the big-name banks whose mobile apps were tested by security firm Praetorian include Bank of America, Citigroup, Wells Fargo, Goldman Sachs, Morgan Stanley, Capital One Financial, and Suntrust Banks. Praetorian did not disclose how each bank’s apps fared in the tests.

The tests did not cover the whole attack surface, just the mobile end. Other vulnerabilities may exist beyond the mobile application at scanners and inside back end processes.

The article
[ http://www.darkreading.com/vulnerability/weak-security-in-most-mobile-banking-app/240164731 ]
The underlying test is available at (registration required)
http://www.praetorian.com/promo/mobile-banking-security-report
The Pew Research Center report
http://www.pewinternet.org/~/media/Files/Reports/2013/PIP_OnlineBanking.pdf

 

Return to 2013 details page
Year links page
Return to References page

Links above were active at the time they were gathered. Links shown in non-hypertext (not clickable) are known to be no longer supported on their hosts.