An audit by Chicago firm ViaForensics discovered serious security holes in the PayPal mobile payment application for Apple s iPhone. Flaws that could allow attackers to set up a phony PayPal phishing site and snoop user credentials was the most critical, but the application also fell short in protecting user login and potentially sensitive application data. The company said it would reimburse customers for any fraudulent activity related to an attack on the iPhone application. Other financial services and mobile payment applications contained flaws and what Hoog described as cursory efforts at securing data.
Source: https://threatpost.com/firm-finds-gaping-holes-mobile-payments-applications-110410/74640/