[NullPrefix]

>or the McDonald's app

Excuse me? McDonald's app considers itself security critical now?

[marcellus23]

I mean, you put your credit card into it, so yeah?

[grishka]

You also put your credit card into your web browser, and it can even store your cards (without the cvc) to autofill them for you.

[bee_rider]

The web browser is almost certainly security critical -- although maybe it is treated as a special exception because of user expectations.

[grishka]

Yes, but somehow, web browsers never check for "device integrity", and websites just blindly trust that the browser, or whatever it is on the other end, would do whatever it's told. They don't even have a reliable way of telling what kind of device or OS the user is accessing the website from. And everyone seems to be fine with that.

And that's how it should be with apps, too. And people need to be educated to never, ever be so trustful. You lost your savings to a scammer? Well, you'll be more diligent next time.

[kevingadd]

Yes, and this is a massive security vulnerability

[HelixEndeavor]

Anything that deals with your financial information usually has security.

[jmnicolas]

Probably because you can pay your meals with it.