“Major Security Flaws in Parking Apps”
Six parking apps available on the Google Play Store were surveyed by researchers at security firm NCC Group. Through the survey, the researchers were able to discover security flaws in not one, but multiple parking apps. The apps did have some “degree” of encryption of sensitive data but the survey also found that, “none of the apps verified the certificate used by the server,” which in that case it gives permission for “man-in-the-middle” attacks from proxy tools. Customers using these apps were allowed to store passwords or PINs on the device to enable “auto log-in” and because these are being stored unencrypted this causes a major security flaw, especially with users who tend to use the same user name and password on multiple sites. For the full article, click here
