Mobile Banking for credit unions has been a hot topic for quite some time now. Recent media reports of “Major security flaws found in 90% of top mobile banking apps” have alarmed credit unions who already have or are considering the purchase of a mobile banking app.
- IO Interactive Labs Research found that 90% of mobile banking apps from 60 of the top financial institutions around the world contained non-SSL [insecure] links throughout their applications. This allows an attacker to create a fake login prompt or similar scam.
- IO Interactive Labs Research also found that 40% of the audited apps did not validate the authenticity of the SSL certificates presented. This makes such apps susceptible to Man in the Middle (MiTM) attacks.
- IO Interactive Labs Research further noted that 50% of the apps tested were vulnerable to JavaScript injections, this would allow actions such as sending SMS (texts) or emails from the victim’s device.
- Praetorian noted in their study (which included apps from the 50 largest credit unions and their credit union core technology) that 8 out of 10 mobile banking applications contain build and configuration setting weaknesses.
- When Arxan was interviewed they noted that counterfeit apps are on the rise, which may include toxic malware.
Technology that is designed by a single developer does not just provide for an enhanced user experience and provide the benefits of complete integration. Such products also provide the benefits of a secure and controlled environment.
Download our NEW eGuide
In our new eGuide: Mobile App Security, learn how the FLEX core system and its ancillary product set, including mobile apps, provide for complete integration and unmatched security, including answers to these security threats.