Bank of America, Wells Fargo, USAA, and three other banks are trying to fix security flaws in their wireless banking applications. The flaw in their applications is that information is stored on the user's mobile phone. Thus, if a hacker gained physical access to the user's phone or if the hacker got the user to visit a malicious website. In order to get the user to visit a bad website the hacker would have to phish to users by sending either emails or text messages, saying that there is a problem with their account and they need to visit this website to fix the problem.
The information that is stored on the phone is user names, passwords, and financial information that hackers could use for their own personal advantage. The only bank that found no flaws in its mobile applications was the Vanguard Group. It makes you wonder how the banks could have over looked such a simple problem. I mean it is not uncommon for people to lose or sell their phones. And unless erased, the phones would still contain the user's personal banking information.
No comments:
Post a Comment