Security Analysis of Mobile Banking Application in Qatar

Abstract: This paper discusses the security posture of Android m-banking applications in Qatar. Since technology has developed over the years and more security methods are provided, banking is now heavily reliant on mobile applications for prompt service delivery to clients, thus enabling a seamless and remote transaction. However, such mobile banking applications have access to sensitive data for each bank customer which presents a potential attack vector for clients, and the banks. The banks, therefore, have the responsibility to protect the information of the client by providing a high-security layer to their mobile application. This research discusses m-banking applications for Android OS, its security, vulnerability, threats, and solutions. Two m-banking applications were analyzed and benchmarked against standardized best practices, using the combination of two mobile testing frameworks. The security weaknesses observed during the experimental evaluation suggest the need for a more robust security evaluation of a mobile banking application in the state of Qatar. Such an approach would further ensure the confidence of the end-users. Consequently, understanding the security posture would provide a veritable measure towards mbanking security and user awareness.