Bank Job: CitiBank’s iPhone App Has Security Hole

This image described by Apple, App Store, iTunes, security flaw, Citigroup, Citibank, Citi-mobile

Citigroup is taking steps to eliminate a security problem discovered in their Citi Mobile iPhone app.  The online banking/financial app was discovered to be saving a customer's account information to a hidden file on their iPhone — info that, if a rogue program knew where to look, could be used to hack the person's accounts.

Citigroup has released a bugfix of the app which will erase the hidden data and prevent a similar occurance from happening in the future, and are urging all users of the app to upgrade.

The bug fix points out that, even as more and more people use their smart phones to conduct financial transactions on the go, even the slightest security flaw in the app can be catastrophic.  Security experts are convinced that such a catastrophe is a matter of "when" rather than "if."  It also points out gaps in Apple's own App Store review process, which is supposed to catch these kinds of bugs before an app is made available to the general public.  Forty lashes with a wet noodle to both Apple and Citigroup.

[Via the New York Times]