Research Shows 8 out of 10 Mobile Banking Apps Contain Security Weaknesses

Praetorian has identified build and configuration weaknesses in the overwhelming majority of mobile banking apps available on the App Store and Google Marketplace.

AUSTIN,  Texas, Dec. 12, 2013 /PRNewswire-iReach/ -- Praetorian, a leading information security provider, today released a study that explores challenges faced by today's megabanks, regional banks, and credit unions while building and maintaining secure mobile banking apps. Praetorian has identified build and configuration weaknesses in the overwhelming majority of mobile banking apps available on the App Store and Google Marketplace. While cursory, the results of the analysis indicate a need for continued improvement in mobile application security as the critical underpinnings of society become increasingly dependent on mobile technology. 


Key Findings

  1. Build and configuration weaknesses have been identified in 8 out of 10 mobile banking apps.
  2. A security gradient exists between national banks, regional banks, and credit unions.
  3. Results may suggest finite development cycles or limited maintenance in mobile banking apps. 

Results suggest that environmental conditions have a direct impact on the quality and security of an institution's mobile banking solution. Experience confirms that national banks tend to be the earliest adopters of security technology, in-source development efforts, and maintain mobile development projects over time. In contrast to this, regional banks and credit unions tend to reactively adopt new security technology, outsource development efforts, and maintain finite development cycles. While security weaknesses were identified across financial institutions of all asset sizes, the analysis shows a security gradient between national banks, regional banks, and credit unions, with build and configuration weaknesses being most prevalent in credit unions. This correlation suggests that the way in which mobile applications are developed may directly contribute to the outcomes of the study. 


Incremental and rapid release cycles are driving the need for continuous and on-demand security evaluation to help address unique challenges encountered while building and maintaining secure mobile applications. More now than ever, organizations should engage in ongoing assessments as new features are released and code changes are made. 

Mobile security solution providers also need to play their part by equipping companies with the technology and service models they need to support continuous and on-demand security testing of mobile applications. 


Mobile banking applications were analyzed with Praetorian's Project Neptune (, a new mobile application security testing platform. This continuous and on-demand security testing platform helps mobile development teams address security challenges encountered while building and maintaining mobile apps. The platform covers a broader suite of security verification and validation testing, including build management, configuration management, authentication, authorization, session and token management, data validation, data confidentiality, error and exception handling, and auditing and logging. 

To download the full mobile banking security report, please visit:

For more details on Praetorian's Project Neptune, please visit:

About Praetorian

Praetorian is an information security provider dedicated to helping organizations achieve risk-management success. As the leader in application, mobile, and cloud security, Praetorian helps clients identify, prioritize, and mitigate risk in the most cost-effective way possible. Combining superior technical prowess, trusted business acumen, comprehensive reporting, and unparalleled delivery, Praetorian acts as a trusted advisor to today's leading companies. For more information, visit or follow us on Twitter: @PraetorianLabs.

Media Contact: Paul Jauregui, Praetorian, (512) 410-0350 ext. 209,

News distributed by PR Newswire iReach:

SOURCE Praetorian



High Tech Security, Computer Software, Electronic Commerce, Multimedia & Internet, Publishing & Information Services, Surveys, Polls and Research

Need Help