Major Mobile Financial Apps Harbor Built-In Vulnerabilities

Mobile applications are failing to protect user data because they are lacking necessary security features.  A recent research study conducted by Aite Group tested application security by decompiling the apps to their source code.  This was the first of many vulnerabilities given that application shielding should prevent unauthorized individuals the ability to decompile and perform their own vulnerability assessment.  There are noticeable differences in the applications produced by traditional financial institutions known for their security but lacking the knowledge needed for mobile development, and the newer online financial institutions that lack experience in regulatory requirements but know proper secure development tactics.  Nathan Wenzler, Senior Director of Cybersecurity  at Moss Adams, is "adamant that a failure to improve mobile financial app security could have huge consequences for banks and financial services companies."  Clients are urged to review their DevSecOps to ensure that security is at the forefront of all development practices. 

Relevant URL(s): https://www.darkreading.com/application-security/major-mobile-financial-apps-harbor-built-in-vulnerabilities/d/d-id/1334321