Security Analysis of Mobile Money Applications on Android

Mobile Money Applications are thriving due to the ease and convenience it brings to people, where it offers to transfer money between people's bank accounts/cards with a few taps on a smartphone either in the form of Mobile Banking or Mobile Payment Services. However, a key challenge with gaining user adoption of mobile banking and payments is the customer's lack of confidence in the security of the services, and that makes much sense because whenever people grant service access to their debit/credit cards or bank accounts that automatically opens the door for identity thefts, fraudulent transactions, and stolen money. Add to that, the fact that already people and developers are not giving much attention to the security aspect of the applications. This paper consists of two parts: first, an intensive security analysis on a selection of different mobile banking and mobile payment applications on Android platform where 80% of the selected applications were found not following the best security measures. And second, a thorough step by step Android security testing guide in the form of this paper to ease the process of security testing any Android application to be used by developers, ethical hackers, and anyone interested in testing the security of any application.