I noticed weakness in hdfc netbanking application. I access netbanking from my mobile through web browsers. When i access the log-in page it comes with pre-filled userid, once i accept the userid, password also gets filled up automatically. Same thing is not happening when i access netbanking from desktop browsers.
If this weakness is noticed by perpetrators, then he can try hdfc bank website whenever he gets hold of any lost mobile phone, and becomes successful in some cases.in that case, account holders may suffer a lot.
So, i request not to pre-fill these fields specially for browsers through mobile devices considering mobiles are prone to get lost due to their smaller sizes. Was this information helpful? |