While the protections of mobile banking applications have mostly been thoroughly vetted with encryption in place and the prevention of user data from being included in the backups, it isn’t always the case for all applications. Consider which applications may also be storing payment information. Some applications may not provide the same protections for your payment details.

This popular application was storing personal card data in JSON files to include:

•  Card expiration

•  Last four digits

•  Zip Code

•  And other billing information

This was stored as part of the user’s saved profile. All of the data was available in plaintext.