Apple guidelines for financial application security
I have read the secure coding guide provided by Apple. I am looking at developing a financial application. What are the best methods to authenticate the user? Are there any specific guidelines for finance applications (relating to security) given by Apple?
Just generic wisdom:
Don't store the password in plain text. Although the typical user can't access files inside of an iPhone, a jailbroken iPhone has full root access and will be able to peer inside the bundle, and can easily read a plain text file called "userPass.txt." Instead, use the iPhone's keychain to store logins and passwords.
As evidenced by PayPal's iOS security blunder that just happened, be sure to use a secure HTTPS connection when authenticating to a server. Someone packet sniffing on an open WiFi network is able to exploit the current iOS PayPal app and get credentials out of the air.