PayPal iPhone App Updated To Fix Major Security Flaw

News | Tuesday November 2 2010 3:43 PM | Comments (0) Tags: , , , , ,

The hole stems from the app's failure to confirm the authenticity of PayPal's website when communicating over the Internet —a basic lapse that the security researcher who found the flaw said would allow someone to access the accounts of unsuspecting users.[..]
The security flawresults from the app's failure to verify the digital certificate for the payment service's website, which is used to verify if awebsite is legitimate.So without this confirmation, a hacker on the same unsecured Wi-Fi networkas the usercould gather usernames and passwords.
PayPal spokeswoman Amanda Pires hasclarified that the issue hasn't affected any user so far but has alsoassured users that PayPal would reimburse any losses due to fraudulent activity caused by this security flaw.
With monetary transactions using mobile devices increasing day by day, this incident should serve as an eye opener to companies that are offering or planning to offer their payment services on smartphones.
) as soon as possible.

No Comments »

No comments yet.

RSS feed. TrackBack URI

Leave a comment

You must be logged in to post a comment.