Need to make a trade at three AM? Or shift money between accounts while you’re waiting in the airport? There’s an app for that. But although money management apps from online stores and financial institutions make 24/7 banking easy, a new study by cybersecuirty expert Ariel Sanchez finds that at least 90 percent of those handy little applications are likely to have serious security flaws that could compromise users’ identity.
Apps are everywhere, available from reliable and not so reliable online stores – and also financial institutions that supply customers with a banking app that lets them manage their accounts from iPhones and Android devices. They all come with assurances that users’ data will be safe, thanks to password protection and various layers of data encryption.
But according to a new post to the
tech website BGR, online security expert Ariel Sanchez found that those assurances are hollow. The banking apps he studied include those issued by the world’s leading financial institutions, and a full 90% of them were lacking key elements of essential data protection.
Security of most apps depends on a combination of features including SSL certificate validation to ensure that the websites involved in the transaction are legitimate, secure UI connections, and security verification of links attached to transmissions being sent between the two sites. A failure of security at any point in the process can let hackers inject code elements that capture data, or allow corrupted links and malware to enter a user’s device.
If protections are missing on any of those levels, a user’s financial data and entire identity could be hijacked. That’s sobering news in light of the ongoing saga of ht Target department store data hack, which saw millions of users’ credit card information hijacked over the Thanksgiving weekend in 2013. Although the investigation into the Target incident is still ongoing, a major culprit appears to be vulnerabilities in American card technology which relies on archaic magnetic strip technology rather than the more sophisticated chip encryption used in much of the rest of the world.
What’s a busy investor to do? Security experts point out that awareness is the key to safety. Recognize that financial management software and apps may very likely have major security gaps – and handle your data accordingly. Check accounts frequently and incorporate your own security safeguards with strong passwords changed frequently. And even if you don’t consider yourself a computer geek, learn about online security and how it works.
Another alternative is to handle banking and investing transactions the old-fashioned way – by bypassing the convenience of 24/7 access for in-person dealings with an instruction you trust. But for most of us in this busy digital driven world, that’s not always an option. So an investor’s best bet is to take Jason Hartman’s advice to stay educated and in control of all that money management technology – before it takes control of you. (Top image: Flickr/denharsh)
Epstein, Zach. “Manor Security Holes Found in 90% of Mobile Banking Apps.” BGR Money. BGR.com. 24 Jan 2014.
The American Monetary Association is the source for financial and monetary policy news you can use. Read more from our archives:
The American Monetary Association Team