Security & Fraud

Warning! Update Experian – Free Credit Report And myFICO Mobile Apps

Users of the Experian – Free Credit Report and myFICO Mobile apps are advised to get the iOS updates. A security weakness identified by Verify.ly could have allowed attackers to access user login credentials on older versions of the clients. The problem has been fixed, but users are advised to update the apps.

Users who do not use iOS’ automatic updates feature should get the updates for Experian – Free Credit Report and myFICO Mobile. According to 9to5Mac, a security weakness identified by Verify.ly could have allowed attackers to obtain user login information on older versions of the clients. The security holes have been fixed after the companies were made aware of the vulnerabilities.

Experian – Free Credit Report and myFICO Mobile are both financial applications that inform users of their credit report and information. Will Strafach, founder of Verify.ly, told 9to5Mac a month ago that Verify.ly had discovered weaknesses in Experian’s and myFICO’s applications, which had not been using proper authentication methods when connecting to their services. This had allowed attackers to intercept user login credentials.

Both Experian – Free Credit Report and myFICO Mobile have been updated to fix the weaknesses. The details of the problem were that both applications were using incomplete TLS implementations. TLS is a security protocol that ensures encrypted data when communicating over the internet.

Normally, the TLS implementation ensures that the user’s login credentials and data are encrypted and securely sent over the internet to avoid interception by an attacker. The TLS protocol validates the client, but Experian’s and myFICO’s applications were not confirming the validity of the certificates and could have allowed an attacker to obtain users’ credentials when connected to a malicious network.

9to5Mac recommends changing your account passwords and any other accounts with the same user credentials and considering using a password manager, such as LastPass or 1Password, which increases the level of security.

——————————–

Latest Insights:

Our data and analytics team has developed a number of creative methodologies and frameworks that measure and benchmark the innovation that’s reshaping the payments and commerce ecosystem. In the December 2019 Mobile Card App Adoption Study, PYMNTS surveyed 2,000 U.S. consumers for a reveal of the four most compelling features apps must have to engage users and drive greater adoption.

Click to comment

TRENDING RIGHT NOW