Max Eddy reports:
If you live in a city with robust public transit, you probably have a transit related app on your smartphone. They are essential to keep from looking like a tourist. For Londoners, the Tube Map Live Underground app lets them see the usual information like maps and routes, but also lets them access details about the service used to pay for train fares called the Oyster card.
Checking the balance on your Oyster card is a big draw for this app, but Appthority told SecurityWatch that this app doesn’t do a great job of protecting your personal information. They found that the app sends your Oyster user name, password, and card number in plaintext. “These credentials can be used to view journey histories of the user from up to the past 8 weeks, disable/enable the accounts, etc,” said Appthority.
Read more on PCMag.