In his recent article, “Sloppy coding + huge PSD2 changes = Lots of late nights for banking devs next year”, John Leyden discusses the impact of poorly written code and the significant security risks and challenges that banks will face in the next 12 months.

CAST, an organisation that reviews the quality of code for businesses, recently reviewed over 278 million lines of code and reveals that, out of 1,388 applications, 1.3 million weaknesses were detected.

Bad coding and poor software quality have practical ramifications for the EU financial sector: by 13 January this year, member states needed to have implemented the revised Payment Services Directive (PSD2) in their national regulations.

The importance of following coding best practices is going to increase once the looming PSD2 regulations for open banking come into effect.

Companies tend to prioritise user experience at the expense of cybersecurity.

More generally, applications developed using Microsoft’s .NET have higher CWE densities and produce some of the poorest software quality overall. Java applications released more than six times per year have the highest CWE densities.