Today’s Financial Services customers use their devices for more than simply “banking”. Most of us have separate investment accounts – and their corresponding apps – as well new payments services such as Venmo. So, the question applies to all my financial transactions – not just banking. The question is my various financial apps secure? Likewise, are they more secure than simply using a browser?
Researching today’s emerging Fintech apps found that 90% include links which do not use SSL (https). 40% didn’t check the validity of SSL certificates, 50% were vulnerable to cross-site scripting, and 40% were vulnerable to man in the middle attacks.
Moreover, few browser-based financial service applications do not use two-factor authentication. Systems that use two-factor authentication, preferably with a separate device that generates new passwords on demand, are really the way to go.
Read the full article here.