appWatchdog: On guard against insecure mobile apps.
All Findings | FAQ

Evaluations for this application are listed below with the most recent first.

Latest Findings

App: PayPal,   Version: 3.0.1,   Platform: iPhone,   Eval Date: 2010-11-04

Securely stores passwords?PASS PASS
Securely stores user name?WARN WARN
Securely stores application data on device?WARN WARN
Additional security tests?PASS PASS
20+ additional criteria, detailed audit for app developers - appSecure.go

Analyst Notes

  • Retained user name
  • Retained history of bump account transfer feature
  • including date, time and GPS location coordinates of transaction
  • Retained email of both parties invovled in transfer


Previous Findings

App: PayPal,   Version: 3.0.0.101,   Platform: iPhone,   Eval Date: 2010-11-03

Securely stores passwords?PASS PASS
Securely stores user name?WARN WARN
Securely stores application data on device?WARN WARN
Additional security tests?FAIL FAIL
20+ additional criteria, detailed audit for app developers - appSecure.go

Analyst Notes

  • Vulnerable to Man in the Middle (MITM) attack
  • Retained user name
  • Retained history of bump account transfer feature
  • including date, time and GPS location coordinates of transaction
  • Retained email of both parties invovled in transfer