November 10, 2010 at 3:49 am #5791Don DonzalKeymaster
Security holes in Android and iPhone apps from PayPal, Bank of America, Chase, Wells Fargo, and more could give attackers access to financial data.
By Mathew J. Schwartz , InformationWeek
November 5, 2010 11:29 AM
Smartphone banking applications from Bank of America, Chase, PayPal, TD Ameritrade, USAA and Wells Fargo have bugs that an attacker could exploit to steal people’s personal financial information. So said digital forensics firm viaForensics in a security warning released Thursday. The security flaw was not found in the firm’s testing of a Vanguard Group smartphone banking app.
“We encountered a surprising and increasing amount of highly sensitive financial and identity information on smartphones,” said Andrew Hoog, CIO of viaForensics. “This information, uncovered on both Apple iPhones and Google Android devices, would only benefit cyber criminals and identity thieves. While Google and Apple each approach the app review process differently, neither approach has prevented insecure applications from being installed.”
Hoog said that his company began “communicating and coordinating with the financial institutions to eliminate the flaws” on Monday, and that the vulnerability announcement reflects how the applications performed as of Wednesday. “Since that time, several of the institutions have released new versions and we will post updated findings shortly.”
November 26, 2010 at 11:04 am #36301AnquilasParticipant
i phone got many problems related to security specially , android is the best OS of mobiles it got plenty of great features .
I’m an Android lover too, but to be fair both have great features, and both have security problems, just for the record 😉
Here in Belgium they are starting to roll out mobile banking apps as well. I’m holding on tight here to see what security nightmares will come forth.
- You must be logged in to reply to this topic.