Enlarge / Screenshots of the RSA Conference application from the Google Play Store. The app's Web interface leaked attendee data when supplied with a token obtained by registering the app. (credit: Google Play Store ) A mobile application built by a third party for the RSA security conference in San Francisco this week was found to have a few security issues of its own—including hard-coded security keys and passwords that allowed a researcher to extract the conference's attendee list.