Research on the existing vulnerabilities and threats in mobile banking conducted by Positive Technologies experts. Out of 14 fully featured mobile banking applications (client and server) chosen for the research none has an acceptable level of protection.
Client side (mobile banking application installed on the user's device):
Server side (web application that interacts with the mobile client over the Internet by means of a special application programming interface (API):
Research also showed that iOS client applications contain fewer vulnerabilities than their Android counterparts. No flaws in iOS banking apps were worse than "medium" in severity. By comparison, 29% of Android apps contain high-risk vulnerabilities.