Financial Application Security in 2021: A Report
First released in 2020, our annual report focuses on the current state of financial app security. Tap for some surprising stats from our 2021 report!
Our research methodology
150+ apps downloaded from Google’s Play Store or the iOS App Store. Four major financial sectors: banking, mobile payment, investment/trading, and lending. Five global markets: U.S., E.U., U.K., South-East Asia (SEA), and India. Apps analyzed using both static and dynamic application security testing based on OWASP mobile security guidelines.
Here's what our investigation revealed.
All apps: 1 or more security flaws were found in every app we tested. Some security flaws were more severe than others.
Apps that contained at least one critical or high severity vulnerability: 84% on Android, 70% on iOS.
81% of banking apps contained at least one critical or high severity vulnerability.
The most frequent and significant security flaws discovered in Android apps were:
Weak derived crypto keys (73%)
Storing unencrypted information in Shared Preferences (61%)
35% of banking apps contained more than ten vulnerabilities.
For iOS apps, the most prevalent and serious security flaws were:
Storing sensitive information in NSUserDefaults (65%)
Misconfigured App Transport Security (61%)