Appknox, a mobile application security company, has revealed alarming statistics regarding the vulnerability of fintech apps in Nigeria.
According to the CEO and Co-Founder of Appknox, Harshit Agarwal, during a recent round-table meeting organized by CED Technologies and Appknox, a staggering 40% of these apps exhibit vulnerabilities that could lead to high-impact and critical issues.
The analysis conducted by Appknox also uncovered other concerning issues. More than 80% of these vulnerable apps lack sufficient code obfuscation, a critical security measure.
Additionally, 60% of them have broken or disabled SSL and certificate pinning, which are essential for secure data transmission.
Mobile technology development
Network security misconfigurations affect 35% of these apps, while 25% of them indicate the recording of audio and screen activity, posing potential privacy risks to users.
Security experts in the technology and banking sectors emphasized the importance of prioritizing security in a rapidly evolving mobile economy.
Chukwuebuka Ume-Ezeoke, the Chief Technology Officer at CED Technologies, stressed that while innovative mobile technology solutions are being developed to enhance lives both within and outside of Africa, a security-first mindset is crucial.
He highlighted the need for a multi-layered security approach and encouraged all stakeholders, including fintech app founders, to prioritize security.
API (Application Programming Interface) security was also discussed as a critical aspect of mobile app security.
Proper API security helps prevent data breaches by ensuring that only authorized users and applications can access data while encrypting it during transmission.
This is essential for safeguarding sensitive data and ensuring compliance with regulations like GDPR, CCPA, and HIPAA.
Harrison Nnaji, the Chief Information Security Officer of FirstBank and its subsidiaries, emphasized the significant benefits of mobile app security, including data protection, user trust, compliance, and legal protection.
He also highlighted various security concerns in the fast-paced mobile economy, such as mobile malware, supply chain risks, evolving threats, social engineering, data breaches, poorly designed apps, unpatched software, and inadequate user education.