Don’t move your wallet onto your phone yet
TweetFollow Us on Twitter

Don’t move your wallet onto your phone yet

Mobile banking on Android phones could put consumers at risk of fraud and cost banks millions a year global IT security firm MWR InfoSecurity has warned.

MWR Labs, the research arm of MWR InfoSecurity, investigated the security standards of leading Android mobile phone brands to determine the overall exposure to risk of consumers who use mobile devices phones for online banking. Recent research has shown that Android is now the leading phone platform with over 50% market share, driving the development of mobile banking apps for the Android Environment. Results indicated that on some handsets as many as 64% of manufacturer added applications were exposing users to serious security issues.

"We found that while banking apps were generally well written and had very few security issues, the integrity of consumer phones was often compromised by software provided by the phone manufacturer or additional software added by the network provider, exposing online banking customers to potential fraud," Harry Grobbelaar, MWR’s managing director in South Africa, said. "Some of the leading Android handset manufacturers are already looking at shipping mobile devices with native near-field communication (NFC) payment functionalities but if the software in the phones is not secure, the risk will then be even higher."

More to the point, the increasing number of merchants moving to smartphone based Point of Sale (POS) devices, for example using Bluetooth or directly connected chip-and-pin accessories for iPhone or Android, indicates that mobile phones will become a critical element in the payment chain and if not adequately protected, they could introduce additional risks for card fraud that could cost banks millions a year.

The above findings were illustrated by the ruling on HTC by the Federal Trade Commission in the United States on Feb. 22 that required immediate action by HTC to address security weaknesses in the software developed for its mobile devices that allowed location tracking and the theft of personal information stored on users phones.

The MWR Labs looked at six classes of potential vulnerabilities in apps and packages in the leading brands and mobile phones using a modified version of Mercury, its security testing framework, to automatically scan the devices and identify security weaknesses.

The research discovered security vulnerabilities in software added by phone manufacturers or network providers which could be targeted by a malicious application inadvertently downloaded by the user. These weak apps often have more permissions that allow them to access contacts, make telephone calls and even record the content of those calls, meaning that the potential consequences are serious and sensitive data could be compromised. Other applications were found that allowed further apps to be installed with an arbitrary set of permissions, essentially leaving consumers fully exposed to fraud.

Grobbelaar adds: "The move by consumers away from PCs for online banking to mobile platforms will inevitably be followed by the criminal gangs who have been successfully targeting online banking for years. We have already seen many examples of malicious apps sending premium rate text messages and expect there will be a natural progression to higher value areas such as payments and banking."
MWR InfoSecurity supplies services which support clients in identifying, managing and mitigating their Information Security risks."

Apple Inc.
Alphabet Inc.
Microsoft Corporation
MacNews Search:
Community Search:
view counter

view counter
view counter
view counter
view counter
view counter
view counter

Snowboard Party 2 (Games)
Snowboard Party 2 1.0 Device: iOS Universal Category: Games Price: $1.99, Version: 1.0 (iTunes) Description: Crowned the best snowboarding game available on the market, Snowboard Party is back to fulfill all your adrenaline needs in this long-awaited sequel. Experience the new time-attack race mode and practice your best tricks in... | Read more »
The best games like Animal Crossing on m...
Animal Crossing amiibo Festival is out right now for the Wii U, reminding us of just how much fun that world can be. Or at least to go back and check in on our villages once in a while. [Read more] | Read more »
Between 2 Taps - Tap for Tap interview M...
Hello, and welcome back to Between 2 Taps, Tap for Tap’s Indie Dev interview series. [Read more] | Read more »
Facility 47 (Games)
Facility 47 1.0.1 Device: iOS Universal Category: Games Price: $3.99, Version: 1.0.1 (iTunes) Description: You wake up alone and freezing in an icy cell. You try the cell door but it’s locked, it seems that you are stuck with no apparent escape. All that surrounds you is a letter and a bottle of pills, and no sign of how long you... | Read more »
The best Photoshop alternative on iPad
Instagram and Lightroom are great and all, but sometimes people need to get extra creative with their image editing.Like, Photoshop creative. If you're one of these people, take a look at our pick for the best mobile Photoshop experience on iPad. [Read more] | Read more »
The Walking Dead: No Man’s Land guide -...
A new update for The Walking Dead: No Man’s Land was released last week, making it the perfect time for you to head back to your base and take out some walkers. Here’s the lowdown on what’s new to the game, and how to take advantage. [Read more] | Read more »
Goat Rider guide - Tips and tricks to st...
We've all been there. One second, we're riding high on a crazed goat, and the next, we've been tossed off it like someone who's no good at goat ridin'. [Read more] | Read more »
Real Boxing 2 CREED: How to become a gre...
Just in time for Rocky fans who can’t wait to see CREED, the latest movie, we have the official tie-in game,Real Boxing 2 CREED. It builds on the success of its predecessor and there’s lots to take in so we at 148apps thought we’d run you through the basics to help you get started. [Read more] | Read more »
CoinOp Heroes 2 guide - How to build an...
CoinOp Heroes 2 justlaunched and, like all clickers, it's dangerously addictive stuff. You have to furiously tap your screen to defeat wave after wave of foes and earn an insane amount of cash to spend on character upgrades and an army of minions. [Read more] | Read more »
Dr. Panda Firefighters (Education)
Dr. Panda Firefighters 1.0.1 Device: iOS Universal Category: Education Price: $2.99, Version: 1.0.1 (iTunes) Description: FIGHT FIRES AND SAVE THE DAY!Work together with Dr. Panda and his firefighting team to rescue his trapped friends! Race through the burning building, extinguish the flames and use the right tools to clear the... | Read more »
All contents are Copyright 1984-2010 by Xplain Corporation. All rights reserved. Theme designed by Icreon.