The mobile app markets are booming. More and more developers are shifting their focus towards smartphone and tablet software. Despite the common belief that Apple has the safest mobile platform, in-depth research by Appthority has shown that iOS apps are more vulnerable than Android ones.
Appthority is a leading application security analysis provider that recently compared the security levels of the iOS and Android platforms. Security-related app behaviors, such as location tracking and data sharing, were researched and analyzed.
The results were quite surprising. While 95% of the 200 top free iOS and Android apps (80% of the top 200 paid ones) exhibited at least one risky behavior, iOS apps exhibited riskier attributes (91%) than their Android rivals (83%).
Mobile app developers are selling your privacy without your knowledge. Every download you make gives the publisher access to your personal details and private data, which are marketed to advertising and analytics firms. In some cases, apps running in the background also transmit your geo-location and other sensitive data in real time.
It was also revealed that paid applications are much safer than free applications. Corporate risks were also exposed, with huge differences in location tracking (70% in free apps against only 44% in paid apps) and single sign-on via social networks (69% in free apps). Free apps are simply putting professional networks at risk.
The Unique Device Identifier (UDID) identifies the unique user and is used to harvest their private information for commercial use. This of course becomes a risky proposition where professionals in “sensitive” positions are involved. The in-app purchasing feature is also a very tricky issue that can add to the employee’s monthly bill and harm businesses.
The recent BYOD (Bring Your Own Device) boom requires CISOs and InfoSec managers to exercise extra caution. Workers should be asked to use only official software and avoid unauthorized apps from underground marketplaces. As the mobile market grows and evolves, the security risks keep getting bigger. Raise awareness.
To download the whole report, click here: Appthority App Reputation Report – Winter 2014