Heroic Investing
Welcome! If this is your first time visiting Jason Hartman's website, please read this page to learn more about what we do here. You may also be interested in receiving updates from our blog via RSS or via email if you prefer. If you have any questions about first responder finance feel free to contact us anytime! Thanks!

Mobile Banking Apps Conceal Security Flaws

HI1-25-14Constant connectivity makes it easy to manage finances on the go. There’s an app for just bout any kind of transaction, on any device you care to use – all guaranteeing the safety and confidentiality of the sensitive information you send. But that’s not necessarily so, according to a new study that found major security holes in a staggering 90% of moblie banking and investing apps.

Apps are everywhere, available from reliable and not so reliable online stores – and also financial institutions that supply customers with a banking app that lets them manage their accounts from iPhones and Android devices. They all come with assurances that users’ data will be safe, thanks to password protection and various layers of data encryption.

But according to a new post to the tech website BGR, online security expert Ariel Sanchez found that those assurances are hollow. The banking apps he studied include those issued by the world’s leading financial institutions, and a full 90% of them were lacking key elements of essential data protection.

Security of most apps depends on a combination of features including SSL certificate validation to ensure that the websites involved in the transactions are legitimate, secure UI connections, and security verification of links attached to transmissions being sent between the two sites. A failure of security at any point in the process can let hackers inject code elements that capture data, or allow corrupted links and malware to enter a user’s device.

If protections are missing on any of those levels, a user’s financial data and entire identity could be hijacked. That’s sobering news in light of the ongoing saga of the Target department store data hack, which saw millions of users’ credit card information hijacked over the Thanksgiving weekend in 2013. Although the investigation into the Target incident is still ongoing, a major culprit appears to be vulnerabilities in American card technology which relies on archaic magnetic strip technology rather than the more sophisticated chip encryption used in much of the rest of the world – another reason to worry about safeguarding personal information.

What’s a busy investor to do? Security experts point out that awareness is the key to safety. Recognize that financial management software and apps may very likely have major security gaps – and handle your data accordingly. Check accounts frequently and incorporate your own security safeguards with strong passwords changed frequently. And even if you don’t consider yourself a computer geek, learn about online security and how it works.

Another alternative is to handle banking and investing transactions the old-fashioned way – by bypassing the convenience of 24/7 access for in-person dealings with an institution you trust. But for most of us in this busy digital driven world, that’s not always an option. So an investor’s best bet is to take Jason Hartman’s advice to stay educated and in control of all that money management technology – before it takes control of you.  (Top image:Flickr/denharsh)


Epstein, Zach. “Manor Security Holes Found in 90% of Mobile Banking Apps.” BGR Money. BGR.com 24 Jan 2014.

Heroic Investing is the complete investing solution for first responders. Read more from our archives:

What Can Investors Learn From Wilderness Adventuring?

Should You Clean Up Your Online Profile?

The Heroic Investing Team

Heroic Investing logo



Tags: , , , , , , , ,