Mobile application security company, Appknox, has said that its analysis of fintech apps in Nigeria shows that 40% of the apps are vulnerable to high and critical impact issues.
The Chief Executive Officer/Co-Founder of Appknox, Harshit Agarwal, disclosed this during a round-table meeting organized by CED Technologies and Appknox with the theme, ‘How to think security first in a super-fast mobile economy – Act or React’.
Of the 40%, he said over 80% lack sufficient code obfuscation, 60% have broken/disabled SSL and certificate pinning, 35% are affected by network security misconfiguration and 25% indicate recording of audio and screen activity.
Securing the mobile economy
Speaking during the meeting, security experts in the technology and banking ecosystem highlighted the benefits of having various layers of security on mobile technologies, applications, and services, in the world economies being referred to as mobile economy.
According to the Chief Technology Officer at CED Technologies, Chukwuebuka Ume-Ezeoke, while people are creating mobile technology solutions that help and better everyone’s life in and out of Africa, there is a need to think security first.
- “While companies like Appknox and CED Technologies have built a safe and secured mobile ecosystem using a system plus human approach to outsmart hackers, we believe that it is everyone’s business to think security first, recheck and double check so that businesses can be as secure as possible,” he told Journalists on the sideline of the meeting.
He noted that the meeting was convened to bring security leaders, bank executives, chief information security officers, heads of risk management, and even founders of different FinTech apps to encourage everyone to think security first while creating solutions that help and better everyone’s life in and out of Africa.
API security
Earlier in his presentation, Mr. Chukwuebuka noted that the importance of API Security for organizations is to prevent Data Breaches by ensuring that only authorized users and applications can access the data, and that data is encrypted during transmission. Others include protecting sensitive Data, stressing that if APIs are not secured, cybercriminals can intercept and steal sensitive information, resulting in significant financial and reputational damage to the organization.
- “API security ensures that the organisation a compliant with regulations such as GDPR, CCPA, HIPAA, by protecting sensitive data and providing secure access to APIs,” he added.
Also speaking, Harrison Nnaji, the Chief Information Security Officer of FirstBank and its subsidiaries, stated the key benefits of mobile app security include data protection, user trust and confidence, compliance and legal protection and then, and enhanced reputation and competitive advantage.
This is even as he identified mobile malware/ransomware, supply chain risks, evolving threat landscape, social engineering, data breaches, poorly designed apps, unpatched software, and inadequate user education as the major security concerns in the super-fast mobile economy.
Nairametrics
