FTC: Credit Karma & Fandango Apps Pose Security Threats

Fandango and Credit Karma apps have both settled with the FTC following allegations that they “deceived consumers by failing to securely transmit sensitive personal information. Both companies knowlingly disabled SSL encryption, or secure sockets layer certificate validation. By removing the default security measure, the app makers left personal information vulnerable to hackers capable of intercepting the data to and from the apps. These types of attacks are known as “man-in-the-middle” attacks that are particularly dangerous in public wi-fi locations like coffee shops.