83% of mobile finance apps vulnerable to hacking

Anne Freier

In Mobile Advertising. April 4, 2019

The majority of financial mobile apps on the Google Play store may be vulnerable to hacking with 83% of them storing data insecurely.

That’s according to a new report from app security firm Arxan Technologies carried out by Aite Group, which analysed the mobile apps of 30 financial institutions providing services such as retail banking, credit cards, mobile payments and health insurance.

Among the apps tested, 83% came with weak storage provisions outside of the app enabling hackers to access API keys. Another 90% of apps leaked data unintentionally.

“With (financial institutions) holding such sensitive financial and personal data and operating in such stringent regulatory environments it is shocking to see just how many of their applications lack basic secure coding practices and app security protections,” said Alissa Knight, senior analyst at Aite Group.

“It’s clear from the findings that the industry needs to address the vulnerability epidemic throughout its mobile apps and employ a defense-in-depth approach to securing mobile applications starting with app protection, threat detection and encryption capabilities implemented at the code level.”

A whopping 97% of apps also scored negatively for binary code protection which meant that app source code could easily be tampered with by hackers.

The data highlights that financial institutions must ensure that user data remains safe and various testing strategies can be employed to ensure that storage facilities can’t be hacked.