By Ariel Sanchez
Two years ago, I decided to conduct research in order to obtain a global view of the state of security of mobile banking apps from some important banks.
In this blog post, I will present my latest results to show how the security of the same mobile banking apps has evolved.
My research included 40 mobile banking apps with the following global distribution:
The metrics I used for this research are the same as before:
- Limited to iOS platform
- Black box approach
- All tests were only performed on the app (client side); my research excluded any server-side testing
- This research does not describe the vulnerabilities I found or how to exploit them in order to protect the owners of the apps and their customers
- Some of the affected banks were contacted, and the vulnerabilities reported