-
Free credit scores are so seven years ago. Credit Karma, an educational site for consumers that makes money from sending customer leads to lenders, is now publishing free full credit reports on a more frequent basis. The idea is to better educate borrowers who are in the market for credit while collecting better leads for its bank partners.
July 30 -
Regulators have reacted as expected, but large banks say theyre not vulnerable to the security flaw. Nonetheless, security questions remain.
April 11 -
Hackers are attacking mobile banking apps more heavily. Here's what to do to fight back.
July 1 -
With free credit scores becoming ubiquitous, firms like CreditKarma armed with $85 million in new funding Quizzle and Credit Sesame seek to offer new services to advice-starved consumers.
March 19
Credit Karma and Fandango have settled charges with the Federal Trade Commission that their mobile applications inadequately protected consumers' payments and other personal data.
Under the settlement, the two companies are required to undergo independent security assessments every other year through 2034. Furthermore, both companies are prohibited from misrepresenting the level of privacy of their products. They do not have to pay a fine.
Commissioners voted 4-0 in favor of the settlement, with Terrell McSweeny not participating, an FTC release Tuesday said. The proposed settlement was announced in March.
Credit Karma is a credit monitoring company, and consumers use Fandango to buy movie tickets.
Complaints filed with the FTC alleged that both companies disabled the secure sockets layer (SSL) certificate on their mobile applications. This function is used to establish authentic, encrypted connections with consumers and is meant to prevent theft by a hacker.
If this function is not installed on a mobile application, a third-party attacker has the ability to obtain a consumer's credit card information, Social Security number, credit report data and other sensitive information, according to the FTC.
"The misuse of these types of sensitive personal information can lead to identity theft, including existing and new account fraud, the compromise of personal information maintained on other online services, and related consumer harms," the FTC release said.