MWC: What device highlights did you miss?

So, early last week I predicted that...

How Wireless Will Pave the Path to Neobank Profitability

I'm delighted to bring you an opinion...

An end of an era: Vodafone UK turns off 3G services

I thought it was worthwhile highlighting this...

It ges worse for Android: IBM uncovers Android banking vulnerability

The message for Android is increasingly bleak in the context of security. I really do wonder whether the average normob (“normal mobile user”) is beginning to form the view that ‘Android is insecure’.

I don’t know if the message has penetrated widely enough and often enough in mainstream media yet. But I’m sure some damage is being done.

The pivotable moment will be when an institution or company (e.g. bank or supermarket) with millions of customers reports a meaningful exception (e.g. “1 million of our customers that use our [platform name] app have lost £5 due to hacking”).

One-in-ten banking apps are wide open to a malicious drive-by hacking exploit that exposes user credentials when visiting bug-laden websites. The vulnerability – discovered by the IBM Security X-Force Research team – lies in Android applications built on the Apache Cordova previously PhoneGap platform. According to AppBrain, this affects 5.8% of all Android apps and roughly one-in-ten mobile banking apps.

via Finextra: IBM uncovers Android banking vulnerability; consumers turned off by security fears.

4 COMMENTS

  1. Read the words Apache/Cordova, formerly known as Phonegap.. Only a totally Mickey Mouse bank, or perhaps HSBC, would think that was an appropriately secure development platform for a banking app.

    This is not an Android security issue. It’s a third party software issue.

  2. That’s a fair point about Android, however I keep reading AndroidAndroiAndroid and VulnerabilityVulnerabilityVulnerability together. Soon the mainstream are going to form a view on this, no?

  3. I completely agree that the tabloid masses would get the impression that Android is insecure. In all fairness, there are hazards in the Android ecosystem that can catch out the ill informed and unlucky.
    Do you really want the health and safety gone mad, walled off world, of mobile computing where all responsibility for user behaviour is removed by draconian all pervading security protocols? That would be both illusory, and very boring, no?

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Recently Published

MWC: What device highlights did you miss?

So, early last week I predicted that next to nothing from Mobile World Congress would break through into the mainstream media. I was right,...

How Wireless Will Pave the Path to Neobank Profitability

I'm delighted to bring you an opinion piece from Rafa Plantier at Gigs.com. I think it's particularly relevant given the recent eSIM news from...

An end of an era: Vodafone UK turns off 3G services

I thought it was worthwhile highlighting this one from the Vodafone UK team. For so long - for what feels like years, seeing the...

Mobile World Congress: Did the mainstream media notice?

I resolved this year to make sure I wrote something - anything - about Mobile World Congress, the huge mobile industry trade show taking...

NordVPN: Thanks again, Revolut

When I upgraded to Revolut's Ultra offering, I did so with a strong focus on the Financial Times digital subscription which normally retails at...

Revolut’s Roaming eSIM: 1 week later

This week I have been using Revolut's new eSIM capability whilst I was in Sweden for Stockholm FinTech Week. I'm an Ultra subscriber so...