One in four mobile banking and financial transaction apps examined by digital forensics and security firm Via Forensics failed fundamental security tests, the company said.
The Oak Park, Ill., company tested dozens of apps and found numerous glaring problems, such as banking passwords that proved easy to find on a mobile device. User names also were easy to find on some phones, the company said.
Final results showed 44% of the tested apps passed, 31% received a “warning” (some data were leaked but the risks were not deemed to be grave), and 25% failed.
Among the apps that failed, the company said, were Groupon (Android version), Mint (Android, iPhone), Netflix (Android) and the Starbucks card (Android).
For example, the Starbucks card (an unofficial card, about which Via Forensics specifically noted, “Via Forensics does not claim Starbucks is responsible for the quality or problems with this mobile application”) failed because it insecurely stored the user's credit card number, Via Forensics said, while Groupon failed for the same reason.
Personal financial planning app Mint failed, said Via Forensics, because the app retained user name; if PIN is set to protect data, it is stored unencrypted; and the app retained account info, transactions, balances and alerts.
Among the apps that got warnings are Amazon Mobile (iPhone, Android), Best Buy (iPhone, Android), eBay (Android, iPhone, and PayPal (iPhone only – Android app passed).
No credit union mobile apps showed up on the list.
Banks with rated apps include Bank of America (pass), Chase (warning for iPhone, pass for Android), CitiBank (pass), USAA (pass) and Wells Fargo (pass).
Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.
Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking credit union news and analysis, on-site and via our newsletters and custom alerts
- Weekly Shared Accounts podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical coverage of the commercial real estate and financial advisory markets on our other ALM sites, GlobeSt.com and ThinkAdvisor.com
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
