We have published a new study reviewing the Security Landscape of Mobile Banking Applications in North America. The study was conducted on over 400 Android and iOS applications, analyzing their release cycles, features, capabilities, and tech stacks. The study also performed a deep dive reviewing the mobile applications' security and privacy posture.
Here are some key insights from the study:
* Over 30% of the applications were released post-2021
* 67% of applications were updated in the last 3 months, and over 10% have not been updated in over 2 years.
* 85% of applications include at least one vulnerable component
* 55% of the applications have at least one high or critical severity vulnerability
* 100% of the applications used encrypted communication but 20% still initiated some communication over clear text.
* Over 20% of the applications suffered from biometric authentication bypass and 10% suffered from Authentication OAuth account takeover
alaeddine001|1 year ago
For more details, you can check the analysis and results of the study here: https://blog.ostorlab.co/security-mobile-banking-app-landsca...