Mobile banking is more popular than ever, and just about every bank out there, plus PayPal, has an app for the iPhone, and for other smartphones as well. One of the main concerns about mobile banking has been keeping sensitive information safe. We’re not talking just names and e-mail addresses here, but account numbers and PINs. Put a few of those information blocks together, and a thief can really do some damage. And while we’re all pretty comfortable with our smartphones, and use them for everything from e-mail to social networking to making the occasional phone call, it’s still relatively new technology that hasn’t quite been perfected yet, at least not in terms of constant security. A lot of people got a reminder about that earlier this week when Citigroup announced its mobile banking app contained a security flaw.
Citibank, the banking arm under the Citigroup umbrella, is currently the number five mobile banking provider with about 800,000 mobile customers. Approximately 117,600 of those customers who use the Citi Mobile iPhone app were affected by what’s being described as a flaw in the app’s programming.
Citigroup released a statement explaining that whenever a customer used the app, it would save the customer’s banking account information on a hidden file stored on the iPhone. The company went on to say it doesn’t believe anyone’s personal data was compromised since its mobile banking app is the only application able to access the hidden data file.
Still, it posed a risk. John Hering, the CEO of Lookout, a mobile security provider, said the problem with programming flaws of this nature is that a hacker could create another app that is designed to retrieve data from hidden files on the phone. The risk would become even greater if a user’s phone was lost or stolen.
Citigroup released an upgraded application on July 19 that does not store any information, and also deletes any previously saved account data that may remain in the user’s iPhone or computer when the phone was synced.
If you’re a Citibank customer, and you use this app, you may want to upgrade if you haven’t already.