A new study has found critical vulnerabilities in nine major banking apps including the ones from NatWest, HSBC, and the Bank of American Health.
Together, these apps boast a user base of 10 million people. Had the flaw in the apps been exploited, the login details of all the users could have been compromised.
To conduct their study, researchers at the University of Birmingham created a unique tool for testing the apps. They ran the tool on 400 security-sensitive apps. The paper was presented Wednesday at the Annual Computer Security Applications Conference in Orlando.
Most apps that require higher security use a TLS connection. It helps establish an encrypted link between your phone and the bank’s server. This is to make sure that while you are doing security-sensitive actions like banking on your phone, your communication indeed is with the bank and not with a malicious server.