Jon Fox
CALPIRG
San Francisco, CA – CALPIRG warned consumers of security vulnerabilities found in many smart-phones posing a risk to identity and financial theft. While today’s smart-phones allow users to access the World Wide Web like little computers, they provide much less security, warned Jon Fox, a Consumer Advocate with CALPIRG.
“Storing unencrypted financial data is like leaving your front door unlocked,” explained Jon Fox, “You’re not guaranteed to be robbed, but it makes it easier for ID thieves to make off with your information.”
Researchers with ViaForensics recently reported that many apps for both Apple’s iOS and Google’s Android platforms are not secure. After testing 100 financial, social networking, productivity and retail apps, over 75% failed to adequately secure user account names and 10% failed to secure user passwords. Apps often store passwords in plain text. As a result, a quick malware infection could leave passwords compromised and consumers at risk of identity theft.
“Consumers can use their smart-phone to update their FaceBook status or check their bank balance – but are doing so in a less secure environment” warned Jon Fox, adding “If a lost smart-phone fell into criminal hands, mobile apps expose consumers to a serious risk of identity and financial theft.”
While financial apps lead the way in terms of data encryption and other security measures, many remain vulnerable. Researchers were able to recover app data from 69% of the tested apps and to recover payment history, partial credit card numbers, security PINs, login credentials and other transaction-related data. For example, Mint.com’s iPhone and Android apps kept financial account information, stored user transaction history and balance information directly on the phone which could then be easily recovered by criminals.
CALPIRG has the following tips for consumers:
###
The California Public Interest Research Group (CALPIRG) is a result-oriented public interest group that protects consumers, encourages a fair sustainable economy, and fosters responsive democratic governance.