Skip to main content

Security vulnerabilities found in three quarters of mobile apps

Image used with permission by copyright holder

Three quarters of Android and iOS apps have security vulnerabilities related to insecure data storage, according to a new report by enterprise security company Positive Technologies.

The report, first highlighted by ZDNet, lays out the security issues identified in many apps found on both the Google Play store and the iOS App Store. The insecure storage of data from apps could lead to information like passwords, financial details, personal data, and communications being accessible by hackers.

In addition to insecure data storage, which was the most commonly identified security issue, vulnerabilities classified as “high risk” were identified in 38% of iOS apps and 43% of Android apps. The report did not single out particular apps which were security threats, but rather identified trends throughout app design which could lead to security issues.

A particular concern raised by the report is that apps do not only work on the client side (i.e. on the user’s phone). They also often transmit data to a server which is hosted by the developer. While modern phone operating systems have some security mechanisms in place to prevent inappropriate access to data, there are often no such protections in place for data stored on the developer’s server or moving between the phone and the server. This means that vulnerabilities are just as common on the server side as on the client side.

The report includes recommendations for developers on how to create apps with better security, but what about for users? Firstly, users should pay attention to what access apps request when they are first installed. Look at what permissions an app is asking for and consider whether it is reasonable for the app’s function. If it is not, don’t install the app. Also, the report advises against rooting or jailbreaking your device as this disables some of the operating system’s built-in security features.

Other recommended regular security practices include using a properly randomized password or pin (not your birthday) and being careful what links you click on. You should also update your OS and your apps regularly, avoid third-party app stores, and not plug your phone into unknown PCs or charging stations.

And finally, lest you think that one operating system is better than another in terms of app security, the report warns against this. Although there were slightly more vulnerabilities found in Android than iOS apps, the report states that “this difference is not significant, and the overall security level of mobile application clients for Android and iOS is roughly the same.”

Editors' Recommendations

Georgina Torbet
Georgina is the Digital Trends space writer, covering human space exploration, planetary science, and cosmology. She…
Google Maps is adding new shopping tools for the holiday season
Person using Google Maps on a smartphone.

Google has announced several new features in Google Maps to keep you sane this holiday season by helping you avoid crowds, find your way around the malls, and even get your holiday dinner shopping done.

First off, Google is expanding its crowdedness data features for public transit and specific stores into a broader tool that it's calling "Area Busyness." This will show you how many folks are gathering in a specific neighborhood, rather than an individual store. As Google explains, you can use this information however you like, whether you want to steer clear of the crowds or seek out the hottest spots in town.

Read more
You can now move WhatsApp messages between Apple’s iPhones and Google’s Pixels
Google Pixel 6 Pro in Sorta Sunny color.

Switching between iPhones and Android phones has never been easier, with both operating systems offering tools to move your apps and as much data as you can between devices. Now, Google just made the switch even more painless as it now lets you transfer WhatsApp chats between iPhones and Pixels with a new update.

Despite SMS and iMessage's popularity in the U.S., WhatsApp remains a widely used messaging app in every other country. While the service makes moving to new phones in the same ecosystem seamless, it's often been impossible to switch between devices running on different operating systems. A switch between an iPhone 8 to an iPhone 13 might work fine, but trying to move your WhatsApp account to a Pixel 6 would mean leaving all your messages behind.

Read more
iPhone owners should update to iOS 15.0.2 right now
Multiple iPhone 13 screens showing iOS15.

Apple is advising iPhone owners to download its latest update to iOS and iPadOS 15 as it includes an important security patch as well as a number of bug fixes.

Made available on Monday, October 11, iOS and iPadOS 15.0.2 addresses an issue that could allow nefarious apps “to execute arbitrary code with kernel privileges.” In other words, it offers a way for a hacker to take control of your iDevice.

Read more