Skip to content

Australian Banking Apps 2024

Malcore, by Internet 2.0, will publish analysis results on Australian banking apps. Malcore is an automated analysis tool to scan files and programs to detect malware & assess risk.

The Malcore team are releasing individual blog posts on each popular Australian banking mobile applications. These are detailed individual blog posts that pull together the results of Malcore’s analysis per application.

This analysis project shows us the relative Malcore risk score for each application. It is a comparative process where the controls are the Malcore algorithm, only android apk were used and the time of analysis was the same for all applications. We hope this project provides users more transparency on the relative data harvesting practices, and relative risk scores, of all mobile applications.

The below graph is an updating chart which we will republish as our analysis results come in over the next few weeks.

For the graph there is inconsistent public information on active users and downloads per mobile application. We estimated placement by using the downloads on google play store and bracketed by reported monthly active users. We would be happy to adjust this data if applications send us official numbers.

We must note this analysis process is not a conclusive code review. It is a static analysis with automated code review using Malcore. A detailed manual source code review and to manually view app activity during dynamic analysis is considered a conclusive method to assess risk. A manual code review tends to find a lot more information but costs significant time.

The scores are listed here from lowest to highest as we publish the results per application.

Defence Bank Mobile = 15

Beyond Bank = 16

Bendigo Bank = 19

National Australia Bank = 26

Westpac = 27

Wise = 37

Suncorp = 40

Commonwealth Bank = 42