Friday 308

Stupid bankers

Filed under: Computers, Security — zundel @ pm

Idiots. Basic mistakes that grossly compromise security.

Firm finds security holes in mobile bank apps

Specifically, viaForensics concluded that: the USAA’s Android app stored copies of Web pages a user visited on the phone; TD Ameritrade’s iPhone and Android apps were storing the user name in plain text on the phone; Wells Fargo’s Android app stored user name, password, and account data in plain text on the phone; Bank of America’s Android app saves a security question (used if a user was accessing the site from an unrecognized device) in plain text on the phone; and Chase’s iPhone app stores the username on a phone if the user chose that option, according to the report.


Blog at WordPress.com.

%d bloggers like this: