SSL Vulnerabilities in Your Mobile Apps: What Could Possibly Go Wrong?
Blog Article Published: 09/29/2014
By Patriz Regalado, Product Marketing Manager, Venafi The majority of people and consumers don’t usually think about security and data privacy when they log into their mobile banking app, take a photo of the check, and make a mobile deposit directly into their account. Nor do they think about security as they conveniently purchase their movie tickets on a Fandango mobile app. People will automatically assume the company has issued a secure app, especially if the app comes from a reputable G2000 company and they downloaded it from the Apple or Google Play app store—or even directly from their employer. What could possibly go wrong? Well, evidently there’s a lot that can go wrong. SSL vulnerabilities in the Android and iOS ecosystems and the man-in-the-middle (MITM) attacks they enable are exposing consumers’ banking credentials, health information, and other personal information. What’s even scarier is that SSL vulnerabilities are prevalent in many of today’s most popular mobile apps as was recently uncovered by university researchers. The study found Android vulnerabilities that enabled the researchers to hack personal information such as usernames and passwords, social security numbers, and steal check images from popular mobile apps with the following success rates:
- 92% for Gmail
- 83% for Chase
- 92% for H&R Block
- 86% for Newegg
- 85% for WebMD
- 83% for Hotels.com
- 48% for Amazon
Share this content on your favorite social network today!