The explosion of mobile applications, especially those involving banking and payments, is almost certain to lead to ingenious new hacker attacks on consumer data this year. After all, why should 2012 be different from any other year, as crooks continually look for holes in security in hopes of reaping financial rewards?
Indeed, the vast majority of developers of mobile wallets and related payment applications are focusing on the business case and the user experience. And that likely will lead to data-security problems, Mark Bower, vice president at Cupertino, Calif.-based Voltage Security Inc., tells ISO&Agent Weekly.
Bower points to the data-security gaps recently exposed in Google Wallet as a prime example of the lack of deep security standards emerging in mobile-application development.
“It is almost inevitable that we will see some major data breaches in 2012 as a result of a failure to thoroughly protect financial and other data through all the steps where it may be exposed in mobile applications,” Bower says.
But most potential security gaps will not directly expose credit or debit card account information or access to bank details, Bower says. In fact, the Near Field Communication technology Google Wallet and other mobile-payment applications use is “quite secure,” he believes.
Instead, it is “vast amounts of what you might think of as very sensitive data that can be stolen and repurposed by crooks” through mobile devices that will put consumers at risk of hacker-attacks, Bower says.
