40% of Fintech Apps in Nigeria Exhibit Vulnerabilities That Could Lead to High-impact and Critical Issues – Appknox
In a recent round-table meeting, the CEO and Co-founder of Appknox, Harshit Agarwal, disclosed that 40% of Fintech apps in Nigeria are vulnerable to high-impact and critical issues.
In an analysis conducted by the firm, more than 80% of these vulnerable apps lack sufficient code obfuscation, a critical security measure.
Additionally, 60% of them have broken or disabled SSL and certificate pinning, which are essential for secure data transmission. Also, 35% are affected by network security misconfiguration and 25% indicate recording of audio and screen activity.
Speaking on the theme of the meeting, “Next Generation Mobile App Security Empowering Cybersecurity Leaders in the Digital Age”, Appknox CEO Agarwal said,
“Any application on the internet can be hacked, it’s all about how proactively the affected organizations can find and resolve the issue as well as releasing an update.
“Using the current landscape of mobile security applications in Nigeria, the country, and Africa at large are driving many innovation and business opportunities. For this reason, it’s very critical that every growing business needs security”.
Also speaking at the meeting, the Chief Technology Officer of CED Technologies, Chukwuebuka Ume-Ezeoke said that while companies are building technology solutions that aid in simplifying mobile transactions for users, they must first recognize the need for a strong security system.
In his words,
“While companies like Appknox and CED Technologies have built a safe and secured mobile ecosystem using a system plus human approach to outsmart hackers, we believe that it is everyone’s business to think security first, recheck and double check so that businesses can be as secure as possible”.
Mr. Chukwuebuka highlighted the need for a multi-layered security approach and encouraged all stakeholders, including fintech app founders, to prioritize security.
He further noted that the meeting was put together to bring security leaders, bank executives, chief information security officers, heads of risk management, and founders of different FinTech companies to encourage everyone to take security as a top-most priority, while creating solutions that help and better the life of users.
Notably, API (Application Programming Interface) security was also discussed as a critical aspect of mobile app security.
As advancements in technology and banking solutions have brought simplicity and ease to financial services, it is worth knowing that these advancements have also created room for more modern and advanced fraud schemes.
Therefore, Fintech companies in Nigeria must treat security as an important priority when creating platforms, as failure to ensure robust security systems can risk the platforms to security breaches, resulting in loss in substantial amounts.
To mitigate these security concerns, these companies must invest in robust security measures, regular security audits, penetration testing, and user education.
Compliance with relevant regulations and standards is crucial, and partnerships with trusted third parties should be established cautiously. Continuous monitoring and rapid response to security incidents are also essential in maintaining the security of Nigerian fintech apps.
By staying vigilant and taking proactive steps to prevent security attacks, fintech companies can protect their bottom line and maintain the trust of their customers.