Citigroup Inc. has reported that its free U.S. mobile banking iPhone application has a security glitch and that customers should update to the new app version (released July 19th) to correct the problem. The banking company said that the iPhone app accidentally saved sensitive banking information (account numbers, bill payments, security access codes) in a hidden file on the iPhone itself. The information from the app would also have been saved to the user’s computer had they synced their iPhone to it.
This security flaw affected roughly 117,600 customers who had registered the application since its launch in March 2009. Citi does not believe that there have been any incidents of exposed personal information. The bank states that its mobile bank app was the application able to access the hidden data.
Nonetheless, it is humbling to know that, had our iPhones been sentient, they could have gone on a rampant shopping spree of, say, Apple remotes and iPod car chargers under our name.
It’s a cautionary tale to the many who have recently taken up mobile banking as the next hip thing to do from your smartphone. For example, the Citi Mobile app is currently the 11th most popular app in the App Store’s finance category. Approximately 18 million adults are active, recurring users of mobile banking, which is 9% of all adults who use banking services. Citibank, with 800,000 mobile customers, is ranked fifth in mobile banking popularity, behind Bank of America (5 million users), JP Morgan Chase (2 million), United Services Automobile Association (1.5 million), and Wells Fargo (1.4 million).
The worrying implication is that mobile security measures are getting outpaced by the apps. With such a leak as this, a hacker could devise a malicious app to retrieve personal information stored on iPhones.
John Hering, CEO of the mobile security provider Lookout, says that his company has been finding more and more mobile applications that could potentially leak critical personal information. “Most consumers and app developers don’t know what is happening in their apps, because it is moving so fast,” Hering says. “Apps are proliferating so quickly. We will see more and more of this.”
[Photo courtesy of bt.]