Citi Discloses iPhone App Vulnerability

When my bank sent me a message pitching the conveniences of mobile & text banking, I didn’t opt in. Here’s an example of why: the WSJ reports “Citi Discloses Security Flaw in Its iPhone App.”

Citi claims security tests were conducted before and after the application release, but a recent “routine security review” spotted the flaw. The app was released in March 2009.

The vulnerability as described to the public appears to be a classic client-side trust issue that should have been easily discovered during a design review, code review, or penetration test. Citi contracted with a vendor to build the application, and it’s not clear whether the vendor or Citi introduced the flaw, or whether it manifested during the integration of the vendor’s code with Citi’s code. Nevertheless, it’s a classic case of a design flaw sneaking through the entire SDLC and making its way into production, affecting 150K+ customers and Citi’s brand.

Takeaway: catch and correct these types of flaws early in the SDLC by creating abuse cases and conducting architectural risk analysis.
