18% of African banking apps have vulnerable high severity secrets

blue street sign that says personal banking

Image via Unsplash

The security of African financial service applications were analyzed in a recent report by Approov. The report found that 95% of the most popular African banking and financial services apps contain easy-to-extract secrets.

According to the report, 18% of the apps investigated revealed high severity secrets. A high severity classification was used for vulnerabilities that could potentially lead to unauthorized access, data breaches and compromised user privacy. These apps together constitute a total of 272 million downloads across the continent with 72% of the apps revealing medium severity secrets that encompass sensitive data. If exposed, they could potentially compromise the confidentiality of user data and application functionality.

Additional findings include:

Crypto was the most exposed type of app, with 33% of crypto apps found to expose high severity secrets.
Google Cloud API keys were identified in 86% of the examined applications.
Approximately 15.3% of the apps exposed various authentication tokens, including Facebook authentication tokens.

Read the full report here.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.