Mobile banking apps are exposing user data to attackers
Positive Technologies’ study finds 13 out of 14 banking apps gave attackers access to user data
In 2019, Positive Technologies assessed the security level of a number of banking apps and found vulnerabilities in each one. Per the report, each vulnerability could be traced to faults in the application code, client-server interaction and the implementation of security mechanisms.
On the user-side, Positive Technologies found 13 out of 14 applications unwittingly gave attackers access to user data. For more than a third of the banking apps tests, vulnerabilities could be exploited without administrator rights. Further, 76% of these vulnerabilities could be exploited without the attacker having physical access to the account holder’s device.
On the server-side, researchers found servers contained 54% of all vulnerabilities identified in the study. According to Positive Technologies, each mobile bank had an average of 23 server-side vulnerabilities. Plus, at five out of seven banks, hackers were able to steal user credentials and at one-third of banks, users’ card information is at risk of being stolen.
Though these statistics are staggering enough, the FBI recently revealed a 50% increase in attacks against mobile banking apps since the beginning of 2020. In its announcement, the FBI said it expects threat actors to attempt to exploit mobile banking customers by using a variety of techniques, such as app-based banking Trojans and even fake banking apps.
Meeting the future of education with confidence
How the switch to digital learning has created an opportunity to meet the needs of every student, alwaysFree Download
The Total Economic Impact™ of IBM Cloud Pak® for Watson AIOps with Instana
Cost savings and business benefitsFree Download
The business value of the transformative mainframe
Modernising on the mainframeFree Download
Why PCaaS is perfect for modern schoolsFree Download