- Forrester Councils
- Councils Overview
- log in
Posted by Andrew Jaquith on July 27, 2010
Yesterday, the Wall Street Journal reported that Citigroup’s iPhone electronic banking app contained a security flaw that had been fixed. According to the article, a new version of the app has been made available to customers through Apple’s App Store. The Citi app was developed in conjunction with mobile app specialist mFoundry and allows customers to view their banking and/or credit card statements and make bank payments. From the Journal article:
“Citi said its iPhone app accidentally saved information—including account numbers, bill payments and security access codes—in a hidden file on users’ iPhones. The information may also have been saved to a user’s computer if it had been synched with an iPhone. The issue affected the approximately 117,600 customers who had registered the iPhone app with Citi since its launch in March 2009, a person familiar with the matter said. The bank doesn’t believe any personal data was exposed by the flaw.”
Forrester customers who are also Citi banking or credit card customers should immediately update their iPhone app. They should also change their account password if their phones have been stolen or lost.
I have not spoken to Citi about this matter, and I do not have inside knowledge about the nature of the vulnerability. However, it stands to reason that:
Financial services companies seeking to serve customers who have mobile devices like the iPhone have many choices ahead of them. How much security is enough? How do mobile apps relate to our cross-channel customer platform? Should sensitive information, such as transaction details or account passwords be stored on the device? The answers are not all easy to come to, and many are platform-specific. Nonetheless, the best way to begin answering these questions is to take control of the experience yourself.
Lead BT Transformation
Develop customer-obsessed strategies to drive growth »
Forrester's CX Index
Predict how actions to improve CX will affect revenue performance.
Measure the customer experiences that matter most »