The reason banks make native apps is the same reason you should avoid them: these people are *bad* at security.
-
-
Replying to @slightlylate
@slightlylate I worked at Wells Fargo between my stints at Google. We were subjected to stringent sec audits for everything.1 reply 0 retweets 0 likes -
Replying to @kkrishnanand
@kkrishnanand: this is the bank that's running WinCE on ATM terminals?1 reply 0 retweets 0 likes -
Replying to @slightlylate
@slightlylate The irony is not lost on me. I worked on credit lending backend systems. Secops audited all possible attack vectors.1 reply 0 retweets 1 like -
Replying to @kkrishnanand
@slightlylate Of course I can't speak for ATM systems. I can't excuse the Lack of 2fa auth support in any bank app, native or browser.1 reply 0 retweets 1 like
Replying to @kkrishnanand
@kkrishnanand: my expectation of banks is they do what it takes to not be found materially deficient in controls, which != user security
1:49 PM - 27 Dec 2015
0 replies
0 retweets
0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
& Web Standards TL; Blink API OWNER
Named PWAs w/
DMs open. Tweets my own; press@google.com for official comms.