News
Citi reveals iPhone app security flaw, releases update
By Jesse Hollington
Social Media & Software Editor, iLoungeGoogle+
Published: Tuesday, July 27, 2010
News Categories: Apps + Games, Other
The Wall Street Journal reports that Citigroup has disclosed a security flaw in its free U.S. mobile-banking application for iOS devices. Citi has indicated that the iOS app inadvertently saves information such as account numbers, bill payments and security access codes on users’ iOS devices and that this information may also be saved to a users’ desktop computer as part of the iTunes backup created during the sync process. The issue is reported to have affected approximately 117,600 Citigroup customers who have registered the iPhone app with Citi since its March 2009 launch, however the bank does not believe that any personal data has actually been exposed by the flaw. Citi has sent out letters to customers advising them of the security issue and directing users to download the newest version of the Citi Mobile app as a mandatory update. The latest version of Citi Mobile addresses this issue and also provides iPod touch support for credit card customers and other bug fixes. Citi Mobile 2.0.3 is available from the App Store as a free download and should appear as an automatic update for current users. [via TUAW]
Related Stories
- Apps: ABC Aquarium, Disney Jr. Appisodes, Pinterest 2.4 + Pocket Informant Pro 3.0
- Report: iOS 7 could see Flickr, Vimeo integration
- Google Play Music All Access to get iOS app support?
- Report: BBM iOS app won’t support iPad at launch
- Apps: Can Knockdown 3, eBay 3.0/2.3, Jungle Book + Sonic the Hedgehog 2.0
- App Store hits 50 billion downloads
Comments
If you have a comment, news tip, advertising inquiry, or coverage request, a question about iPods/iPhones/iPad or accessories, or if you sell or market iPod/iPhone/iPad products or services, read iLounge's Comments + Questions policies before posting, and fully identify yourself if you do. We will delete comments containing advertising, astroturfing, trolling, personal attacks, offensive language, or other objectionable content, then ban and/or publicly identify violators.
Recent News
- Apps: ABC Aquarium, Disney Jr. Appisodes, Pinterest 2.4 + Pocket Informant Pro 3.0
- Report: iOS 7 could see Flickr, Vimeo integration
- Apple CEO Cook testifies on taxes, faces Senate critics
- Google Play Music All Access to get iOS app support?
- Senate subcommittee accuses Apple of tax avoidance
- AT&T: All video chat apps will work over cellular in 2013
- Apple releases testimony before CEO’s Senate appearance
- New Apple offers in India can reduce iPhone price
- Report: Apple testing 1.5” OLED displays for iWatch
- Song skipping terms slowing iRadio negotiations
Recent Reviews
- Mophie Juice Pack Plus for iPhone 5
- Ultimate Ears UE Boom
- Trü Protection Trü-Fit Anti-Glare Film Set
- New Trent iCarrier IMP120D Dual USB Power Pack
- BlueFlame 2M Charge and Sync Cable with Lightning Connector
- HMDX Jam Party Bluetooth Wireless Stereo Speaker
- Logitech Harmony Ultimate Universal Remote Control
- MyCharge Freedom 2000 Battery Case for iPhone 5
- Nike Nike+ FuelBand
- OCDesk OCDock for iPhone 5
Recent Articles
- Inability to use Find My Friends without a passcode
- Calendar info disappears after iCloud restore
- Remove old iCloud backup after restoring to a new iPhone
- Setting up a ringtone in iTunes
- Using a Wi-Fi hard drive with an iPad
- Backing up and restoring an iPod classic
- Can’t restore iPod touch without passcode
- Retaining older versions of Apps during an iOS Restore
- Can’t eject iPod nano without closing Firefox
- Can’t change iTunes Apple ID to iCloud e-mail address
1
haha…always hoped they’d roll out a mobile application when i banked with them…just cancelled my acct with them since they started charging a monthly service fee….
Posted by tycol25 on July 27, 2010 at 10:47 AM (PST)
2
So now they’ve let everyone know that this data could be in iPhone backup files, and haven’t released software to automatically delete them, which means people will still write really simple programs targeting those files… the encryption is far from secure… that is so fail… I’m only in year 12, and I could write that with ease, though I choose not to. Imagine the better, more malicious programmers than myself!
Posted by velociraptor on August 4, 2010 at 11:24 PM (PST)