Are Online Banking Apps secure? Think Again ...

4:24 PM
Are Online Banking Apps secure? Think Again ... -

Hi, Marcus and me my name might steal your money. How? Easily: thanks to the online banking application that is on your mobile device. If you think I must be a good hacking genius computer, read the code of an exciting visually as Hugh Jackman in Swordfish, well ...

All that you will not be far is about "beautiful". 😉

Hacking mobile applications of the most famous banks in the world is easy thanks to the fact that

  1. The average online banking application is not particularly well from the point of view of safety.
  2. many online tutorials exist to direct even the most novice pirates of the internet, with free software available.
  3. you think that you are safe in your online banking application, and act accordingly.

On all these your ignorance is the worst offender, followed by how poorly most of these banking applications are made.

Reverse engineering :? How mobile banking applications on Android and Windows is pirated

Reverse engineering is an old trick used by legitimate programmers who want to find errors in their source code. Hackers use this common coding technique to make these banking apps to share and build your transactions through these applications.

burglar-157142_640 There are two ways that it works. First, the application can be connected to an external server that the hacker works. The hacker can then see your user name, password, and even account balance. See ya later, money.

Second, the hacker can access by "piggybacking" on a transaction. Say you send the money to me because we are good friends and I lent you money last week (this story is fiction, I do not lend money). You use your online banking application to send me $ 40 you owe me.

The hacker can then be added in the transaction so you allow the banking application to send me my $ 40 (thank you), while the hacker banking application also sending $ 100 their way ( "Double thank you," said the pirate) before you even know what is happening.

Else how are mobile banking on vulnerable iOS devices?

There are two other ways that do not concern as piracy. They are more on general security issues are not addressed properly, both which were found in a study by IOActive Labs.

70% of online banking applications they tested did not support the two-factor authentication. This security feature makes it so you have to use a second code sent by SMS to access your account. What makes it so even if a hacker steals your username and password, they will also steal your phone so that they can enter the SMS code.

The second issue is that 40% of online banking applications would accept an SSL certificate for secure HTTP traffic. An authentic SSL certificate enable encrypted communication between you and the website. You know you have when you see a lock to the left of your address bar, and that the Web address begins with https.

Screen Shot 2014-07-30 at 5.33.20 PM HTTPS is the secure encryption code that makes the internet world go 'round. When your mobile accepts these false SSL certificates, you will not know. Not because you are ignorant, but because you literally can not know that these applications do not even give warning and blindly accept an SSL certificate.

Now if you look at the statistics again, it is said that 60% of online banking applications for iOS to point out these problems. 60% is not a passing grade for me since I became an adult, and developers need to do a better job.

what users can do to protect

None of these studies found that banking applications were vulnerable. What can you do to protect yourself when you are not sure whether or not you're vulnerable? Here are my suggestions:

  • Immediately cease using any mobile banking application that has no two-factor authentication. A bank that does not protect you better than Facebook protects your shared pictures LOLCats is not worth it.
  • Only download applications from the official app store on your phone. This means going to the Apple App Store, Android Market, or Windows Phone store.
  • Use the online, mobile or desktop version of your online bank. Honestly, how many times have you absolutely to the bank on your phone? This will minimize the risk that the online version took almost 2 decades to increase their security while mobile applications are still very young.
  • shield-296639_150 Install a VPN client on your smartphone for those times when you need to use an application of mobile banking. This will offer an encryption layer on everything you do online, making you a harder target for hackers. Read more on suppliers and examined VPN in the link.
  • You need an antivirus application on your phone. We are a long way from rotary phones, you need an antivirus application to help stop attacks on your phone that do not begin with "Is your refrigerator running?"
  • If you somewhat technically inclined, look in the background of your applications to see if anything unusual happens. Do a search for anything that seems strange and see if it is a threat

While all of these are great tips, I would like to summarize my opinion in one sentence :.

I never installed a mobile banking application on my phone, and you should not .

the above reasons are why I did not. So there is a significant change in online security policies of the main banking applications online, I will continue to follow my current path. If your life dictates that you use them at some point, take my advice and protect yourself.

broken piggy bank OneSixZero
Crowbar Robber OpenClips.
Nemo protective shield.

Previous
Next Post »
0 Komentar