Mobile stock trading apps riddled with security holes

Mobile stock trading apps are riddled with security bugs. Stock trading apps have millions of users worldwide and process billions of pounds in traded shares but the security of the apps compares poorly with comparable mobile banking applications, security firm IOActive warns. Alejandro Hernandez, senior security consultant …

  1. Pascal Monett Silver badge
    FAIL

    An interesting development

    Here we are at the apex of money and IT, and they still don't put in the money to ensure things are secure.

    I'm guessing it's because time is money, so it is better to risk being hacked rather than take longer to get an app that can get your entire portfolio hacked ? Um, somehow that doesn't sound so good at second reading.

    No, things will carry on until some golden boys get ruined because of poor security. That will be the call to 1) have a few class-action lawsuits (hey, the lawyers aren't going to miss a golden opportunity like that, now will they ?) and 2) have other golden boys invest serious money in doing it right.

    Because there's never enough money to do it right the first time, but always enough to do it over again.

    1. Christian Berger

      IT security is like partying...

      .... yes it may cost a bit of money, but lack of money typically isn't the problem!

      The problem here is that most mobile developers are people who are fairly new to programming. It's just a trendy way to start, just like web development used to be, or Windows GUI development with Delphi or VB in the 1990s.

      Therefore you mostly get inexperienced people working there. People who have "seen the world of IT" rarely mess with mobile app development.

      So what's left over are the people who have very little idea of what they are doing. Some of them will have an overinflated ego and charge lots of money, while most of them will work for standard wages.

      Just like partying, IT security is about people and their mindsets, not money. You can have a great party with virtually no money, and you can spend a lot of money on a dull party.

    2. John Smith 19 Gold badge
      Unhappy

      "better to risk being hacked rather than take longer to get an app that..entire portfolio hacked ?"

      That's like asking do you want a punch in the face or a knee to the groin, when you don't want either.

      But note, it's not their money that's in danger.

      It's yours.

      And your personal details.

      The app is merely a tool for the trading company to get faster access to your money.

      IOW from their PoV security is not that necessary, and knowing more about their customers (as cheaply as possible) is always nice (for them).

  2. MiguelC Silver badge

    Would be helpful

    to know which apps were tested on each platform and what failings do they individually have...

    1. David Kelly 2

      Re: Would be helpful

      Ditto. Which apps did (or didn’t) do what?

    2. FrogsAndChips Silver badge

      Re: Would be helpful

      It's explained in the article:

      IOActive [...] is currently going through the disclosure process hence its decision not to release the names of the apps it tested.

      You can expect to see later the names of the apps whose editors fail to act on the findings.

    3. phuzz Silver badge

      Re: Would be helpful

      As FrogsAndChips points out, the article answers your question, but if you're still curious, they say they tested the top 21 apps, which should be easy enough to figure out, and that one belonging to a company that was hacked a long time ago was secure.

      So provided you can work out which that one app is (out of twenty one candidates) you've got the only one that you should feel even vaguely safe using.

      There's even a screenshot of one of the crap ones.

  3. Claptrap314 Silver badge

    Of course, the other problem is that if you are talking to an IoT potential employer, and you bring up security concerns, they "decide to look for additional candidates". This is worse than the Corvair.

    1. Joe Werner Silver badge

      @claptrap

      ... but those decision makers (ha!) who don't want to get responsible developers, "die soll der Blitz beim Scheißen treffen". Ancient (well... could be ;) ) German curse.
