Information regarding SSL Certificate validation for Space Coast Credit Union mobile app on Android and iPhone
Information regarding SSL Certificate validation for mobile app
Posted on 05/05/2017
SCCU was recently mentioned in a report regarding a low risk Mobile Banking application vulnerability. Security is a top priority and we’re trying to confirm the alleged vulnerability, but we have not been able to validate it. SCCU members may use their mobile banking app securely by accessing the mobile app over a secure trusted wireless network or using their cellular service.
SCCU goes to great lengths to secure our applications including recurring third party security assessments. The SCCU app has multiple layers of security to protect members, and the vulnerability outlined in the article is extremely unlikely to occur due to the number of extenuating circumstances that would need to happen. For this risk to exist the user would have to be on their mobile app while using the same non-secure wireless network as the fraudster, and accept a fraudulent certificate.
SCCU members may use their mobile banking apps and protect themselves by:
Update your phone to the latest Operating System version
Use the latest browser version
Don’t use a jailbroken or rooted phone
Avoid using public WiFi networks
Use fingerprint authentication (available on Apple devices)