skip to main content

CBWY Blog

Report Shows Major Security Holes in Banking Apps

<a href="https://cyberscout.com/education/blog/report-shows-major-security-holes-in-banking-apps">Report Shows Major Security Holes in Banking Apps</a>

A security analysis of 30 major banking and financial apps has shown major security holes and a lax approach to protecting user data.

The analysis was conducted by the Aite Group, which looked at mobile apps in eight categories: retail banking, credit cards, mobile payment, healthcare savings, retail finance, health insurance, auto insurance and cryptocurrency.

Among the most alarming finding was the practice of embedding and hard-coding of private certificates and API keys into banking apps. API keys and certificates are the primary means of authenticating a user’s identity and determining their level of access to data; leaving hard-coded versions on an app makes access significantly easier for a would-be hacker to gain far too much access to the data underpinning the apps themselves.

Other findings included improperly secured database commands (capable of allowing man-in-the-middle attacks), weak encryption, and the ability to reverse-engineer the app code into a readable format.

Aite declined to identify the companies behind the apps researched or say whether they had warned the companies about the security holes discovered in their apps.

Read more about their report’s findings here.

Link to original article

There is a Difference.
Commerce Bank of Wyoming is committed to website compliance with the Americans with Disabilities Act.
We strive to make our site useful and accessible to everyone. If you have questions or comments regarding the website please contact us.
copyright © 2004-2019 Commerce Bank of Wyoming. All rights reserved. / sitemap / Admin Login
top
^