Mobile banking has become very popular due to convenient access to accounts and resources it provides.
Many popular banks now have mobile apps and I’m sure most of us have wondered just how secure they are.
Security researcher Ariel Sanchez at IOActive Labs took a look at 40 iOS banking apps and found they are not as secure as we’d hope.
Multi-factor authentication has been slow to be adopted here in the U.S. and is a nice added layer of defense. Typically, we see it in the form of two-factor where confirmation via SMS or voice call is required.
You can read the full write here where IOActive goes into detail regarding other vulnerabilities.
The bank apps involved in the testing were not listed and have not been targeted based on their vulnerabilities to date.
IOActive has contacted the banks to share their findings, hopefully they will take Ariel’s discoveries seriously and look into updating their apps.
To keep safe while mobile banking always use a secure connection–no public WiFi, set-up multi-factor authentication–if offered, and log out of your account when done.