An assessment of 40 of the world's top mobile banking apps on the iPhone operating system revealed major security flaws, potentially exposing the personal data of users to hackers.
A report by Ariel Sanchez, a researcher from IOActive Labs in the US, found that more than half of the mobile banking apps running on iOS failed to implement the basic security measures against hackers.
More worryingly, said Sanchez, the mobile banking apps could be installed and run on a device that has been "jailbroken" (when the limitations on an Apple device are disabled).
A user can download and run additional applications that are not approved by Apple, such as third party apps, on a jailbroken device.
The snag is that the user then faces greater security risks.
A jailbreak can be reversed at any time by simply restoring the factory settings of the device in iTunes. Sanchez noted that only 10% of apps had jailbreak detection capabilities.
In South Africa, Standard Bank's mobile banking app cannot be installed on a jailbroken device, and FNB has warned against jailbreaking . FNB spokesman Giuseppe Virgillito said jailbroken devices can be susceptible to fraudsters and security breaches.
Sanchez said "another concern" was that "70% of the apps don't have multi-factor authentication, which could help mitigate the risk of impersonation attacks".
Multi-factor authentication is a process whereby a username and password is requested, and once successfully completed, a log-in code is sent to another device.
Access is not granted without the additional log-in code.
Craig Rosewarne, the managing director of Wolfpack Information Risk, said: "We have not seen any major compromises of local mobile banking apps in South Africa.
"But, based on international trends, they will become more of a target."
Just R20 for the first month. Support independent journalism by subscribing to our digital news package. 
