12 Dec “Certificate Pinning” Security Flaw in Banking Apps a Hacking Risk
Last week, University of Birmingham researchers identified several security flaws in a number of mobile banking apps that could have put millions of users at risk of hacking.
The researchers said that a technology called “certificate pinning”, used in apps of banks such as HSBC, NatWest, Co-op, and Bank of America, creates a vulnerability which an attacker could have used to perform a “man in the middle” attack to steal user credentials.
The researchers said that they have already worked with the banks whose apps were affected, as well as the UK’s National Cyber Security Centre, to fix the issue.
Source: The Register UK