Sensitive User Data Collected By Indian Mobile Banking Apps

December 23, 2016 Leave a comment


wealthymattersMany Indian mobile banking apps record/collect information like your contact list, call record data, info about apps installed on a phone, and even gain access to your calendar schedule.These apps are meant to interact with secured banks server and retrieve information about your bank account, make IMPS, NEFT, RTGS transfers within the app. So in this case, it is justified if these apps request ‘network permissions’ to privately connect to the bank servers?

1)Retrieve running apps

This permission allows the requesting app to find out what other applications are currently/recently running on your phone on real-time basis, and different sub-task (activities running in an app) running on the phone. According to Android developer guidelines, this permission was discontinued since roll out of Android Lolliop due to security risks. The permission can however be granted and work on phones with Android version below Lollipop. Read more of this post

Filed under Paper Assets, Theory, Tool Kit Tagged with , , , , , , , , , , , , , , , , , , , ,

%d bloggers like this: