Rapid fintech adoption across the world is so ubiquitous. To facilitate more adoption in Nigeria, recently the Central Bank of Nigeria (CBN) introduced several policies that support cashless banking. Nowadays, Nigerian banks users could perform most of their daily transactions from any desired location using mobile banking applications. In the literature, there are insufficient studies that comprehensively evaluate the security strength or risks of these applications. Generally, insecure mobile banking applications could lead to financial fraud, violations of privacy, identity theft and eroded user confidence. Considering the situation, there is need to conduct research which comprehensively assess security of the applications. Consequently, in this paper we analyzed and evaluated the security of identified popular mobile banking applications in Nigeria. We conducted the analysis work using automated and manual static analysis methods. Then, we evaluated the security of the applications using multi-criteria decision-making technique. Our results revealed that most of the applications have several security challenges in form of vulnerabilities and insecure coding practices. Hence, our findings have shown the applications need further improvements for better security and safety.
Read full abstract