[yrro]

> on Android and iOS around 40% of banking apps don't even check the certificate at all.

Please name and shame, this sounds pretty surprising!

[sprkyco]

List of Android SSL MITM vulnerable apps: https://samsclass.info/128/proj/popular-ssl.htm

Highly recommend any material on the main site as well. One of the few legit infosec professors I have ever interacted with.

[unluckier]

At least for Android: https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w...

There are several banking-related apps listed here.

[ultramancool]

Heard that on an old security now episode, https://www.grc.com/sn/sn-443-notes.pdf is the best I have unfortunately, there's mention of it near the bottom there.