18% of African banking apps have vulnerable high severity secrets

blue street sign that says personal banking

Image via Unsplash

The security of African financial service applications were analyzed in a recent report by Approov. The report found that 95% of the most popular African banking and financial services apps contain easy-to-extract secrets.

According to the report, 18% of the apps investigated revealed high severity secrets. A high severity classification was used for vulnerabilities that could potentially lead to unauthorized access, data breaches and compromised user privacy. These apps together constitute a total of 272 million downloads across the continent with 72% of the apps revealing medium severity secrets that encompass sensitive data. If exposed, they could potentially compromise the confidentiality of user data and application functionality.

Additional findings include:

Crypto was the most exposed type of app, with 33% of crypto apps found to expose high severity secrets.
Google Cloud API keys were identified in 86% of the examined applications.
Approximately 15.3% of the apps exposed various authentication tokens, including Facebook authentication tokens.

Read the full report here.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.