A computer security firm has found that some popular mobile applications store users' personal data in plain text on their mobile devices, reports The Wall Street Journal. The viaForensics investigation found information such as unencrypted user names, passwords and transaction amounts on smartphones, which goes against industry best practices. "Data should not be stored on a phone," said Andrew Hoog, chief investigative officer of viaForensics. Hoog also said that while app developers are becoming more aware of data security issues, the fact that vulnerabilities still exist indicates security is not a top priority. One app maker's spokeswoman said that it's necessary for some information to be stored on phones, and the practice is allowed by the PCI Security Standards Council. (Registration may be required to access this story.)
If you want to comment on this post, you need to login.