News
Citi reveals iPhone app security flaw, releases update
By Jesse Hollington
Applications Editor, iLounge
Published: Tuesday, July 27, 2010
News Category: Apps + Games, Other
The Wall Street Journal reports that Citigroup has disclosed a security flaw in its free U.S. mobile-banking application for iOS devices. Citi has indicated that the iOS app inadvertently saves information such as account numbers, bill payments and security access codes on users’ iOS devices and that this information may also be saved to a users’ desktop computer as part of the iTunes backup created during the sync process. The issue is reported to have affected approximately 117,600 Citigroup customers who have registered the iPhone app with Citi since its March 2009 launch, however the bank does not believe that any personal data has actually been exposed by the flaw. Citi has sent out letters to customers advising them of the security issue and directing users to download the newest version of the Citi Mobile app as a mandatory update. The latest version of Citi Mobile addresses this issue and also provides iPod touch support for credit card customers and other bug fixes. Citi Mobile 2.0.3 is available from the App Store as a free download and should appear as an automatic update for current users. [via TUAW]
Related Stories
- Periscope Audio Lab releases SpaceSampler
- Evernote Hello improves contact entry features
- eMailGanizer Pro adds Universal Inbox, Smart Folders
- Galaxy on Fire 2 HD update opens the Kaamo Club
- Smartr Contacts adds e-mail viewing support
- Path releases update to address contact privacy issue
Comments
If you have a comment, news tip, advertising inquiry, or coverage request, a question about iPods/iPhones/iPad or accessories, or if you sell or market iPod/iPhone/iPad products or services, read iLounge's Comments + Questions policies before posting, and fully identify yourself if you do. We will delete comments containing advertising, astroturfing, trolling, personal attacks, offensive language, or other objectionable content, then ban and/or publicly identify violators.
Recent News
- iLounge Weekly coming early Monday, giveaway reminder
- iBackFlip launches Somersault case for iPad
- Motorola loses third patent case against Apple in Germany
- Apple rushing to pick demo apps for next iPad launch
- Apple airs new Siri-focused iPhone 4S ads
- Periscope Audio Lab releases SpaceSampler
- Evernote Hello improves contact entry features
- eMailGanizer Pro adds Universal Inbox, Smart Folders
- Scosche rolls out bassDock for iPad
- German court rejects Apple bid to ban Galaxy 10.1N
Recent Reviews
- Cygnett Apollo for iPhone 4/4S
- Case-Mate Pop! ID for iPhone 4/4S
- Case-Mate Pop! for iPhone 4/4S
- Case-Mate Pop! With Stand for iPhone 4/4S
- Solid Line Products RightShift 2 Removable Keyboard Case for iPad 2
- Spigen SGP Kuel F60Q Battery Pack
- Just Mobile Highway + Highway Pro for iPod, iPhone + iPad
- Speck CandyShell and CandyShell Satin for iPhone 4/4S
- Jensen JiPS-310i Docking Speaker for iPod, iPhone & iPad
- FrappeDesign Smart Sleeve for iPad 2
Recent Articles
- iOS Gems: Adventures of Tintin, Reckless Racing 2 + Scramble With Friends
- Ask iLounge 2-3-12
- Making The Case For - And Against - An Apple iTV Television
- Instant Expert: iTunes U for iPad, iPhone and iPod touch
- Instant Expert: Secrets & Features of iBooks 2.0
- iLounge’s 2012 CES Best of Show Awards: Honorable Mentions
- iLounge’s 2012 CES Best of Show Awards: iPod, iPhone, iPad + Mac
- iOS Gems: Bug Princess, Dora Hops Into Phonics, It’s A Small World, Sleepy Jack + X Is For X-Ray
- The Complete Guide to Managing iTunes Videos
- Editorial: As CES Grows, Will Microsoft’s Loss Be Apple’s Gain?
1
haha…always hoped they’d roll out a mobile application when i banked with them…just cancelled my acct with them since they started charging a monthly service fee….
Posted by tycol25 on July 27, 2010 at 11:47 AM (PDT)
2
So now they’ve let everyone know that this data could be in iPhone backup files, and haven’t released software to automatically delete them, which means people will still write really simple programs targeting those files… the encryption is far from secure… that is so fail… I’m only in year 12, and I could write that with ease, though I choose not to. Imagine the better, more malicious programmers than myself!
Posted by velociraptor on August 5, 2010 at 12:24 AM (PDT)