Payment API Bungling Exposes Millions of Users’ Payment Data
#1
Information 
Quote:App developers have once again been accused of having butterfingers when it comes to API keys, leaving millions of mobile app users at risk of exposing their personal and payment data.
 
CloudSEK, maker of artificial intelligence- (AI-) enabled digital threat protection, reported last week that the mobile ecosystem is reeking with hard-coded API keys: Keys that should never be exposed in endpoint apps.
 
Misconfigured APIs make any app risky, but when you’re talking about financial apps, it’s about handing ne’er-do-wells the power to turn victims’ pockets inside-out.
 
“While the rampant exposure of API keys is hazardous for any app, it is especially critical when it comes to apps that handle payment information such as bank details, credit card information and UPI transactions, in addition to user [personally identifiable information, or PII],” according to CloudSEK’s writeup.
 
APIs – application programming interfaces – are the veins and arteries of the mobile ecosystem, enabling apps to communicate with multiple sources and to move data in and out of those apps. It’s an “integral” part of how an app works, CloudSEK said, which means that app developers need to handle them with kid gloves in order to avoid leaking customer data: “Any systematic mishandling of API keys among app developers can cause threat to the app’s business,” researchers maintained.

Read more: Payment API Bungling Exposes Millions of Users’ Payment Data | Threatpost
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
QOwnNotes 19.1.6
24.12.4 The wel...Kool — 12:56
INTEL Arc Graphics 32.0.101.6325/6253 dr...
Highlights Fix...harlan4096 — 11:06
GFYI [Official] Revo Uninstaller Pro v5...
"Share feedback...damien76 — 09:01
GFYI [Official] SpyShelter PRO v15 Chri...
Merry Christmas and ...damien76 — 08:56
GFYI [Official] IObit Christmas 2024 Bl...
Merry Christmas and ...damien76 — 08:54

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>